CISA Points Seven ICS Advisories Highlighting Vital Vulnerabilities

The U.S. Cybersecurity and Infrastructure Safety Company (CISA) launched seven Industrial Management Methods (ICS) advisories on February 20, 2025, addressing vital vulnerabilities in merchandise from ABB, Siemens, Mitsubishi Electrical, and different industrial know-how suppliers.

These advisories underscore escalating dangers to operational know-how (OT) environments, the place flaws in security controllers, human-machine interfaces (HMIs), and protocol analyzers might allow distant code execution, denial-of-service (DoS) assaults, and unauthorized entry to vital infrastructure.

ABB ASPECT-Enterprise and FLXEON Controllers Uncovered to Distant Exploitation

The ICSA-25-051-01 and ICSA-25-051-02 advisories element vulnerabilities in ABB’s ASPECT-Enterprise, NEXUS, MATRIX, and FLXEON controller sequence.

Probably the most extreme flaw, CVE-2025-3101 (CVSS v4: 9.8), permits unauthenticated attackers to execute arbitrary code on ASPECT-Enterprise servers as a consequence of improper enter validation within the knowledge parsing module.

Equally, FLXEON security controllers (variations < 3.08.02) are vulnerable to authentication bypass by way of CVE-2025-3120, enabling risk actors to control safety-critical processes in manufacturing and power sectors.

Siemens SiPass Built-in Entry Management Vulnerabilities

Siemens’ SiPass Built-in system, utilized in bodily entry management, is flagged in ICSA-25-051-04 for cleartext credential storage (CVE-2025-3204) and insecure default configurations.

Attackers with community entry might extract administrative credentials, probably compromising facility safety.

Siemens recommends upgrading to model 3.8.2 and implementing TLS 1.3 for communications.

Mitsubishi Electrical CNC Collection Reminiscence Corruption Flaws

ICSA-24-291-03 (Replace A) highlights 4 reminiscence corruption vulnerabilities in Mitsubishi Electrical’s CNC Collection, together with a heap overflow (CVE-2024-39883) permitting distant code execution by way of malicious G-code recordsdata.

Affected variations (M800/M80 to E80 Collection) require firmware updates to mitigate dangers of manufacturing line sabotage.

Fast Response Monitoring and Elseta Vulnerabilities

The ICSA-25-051-05 advisory identifies an improper authentication flaw in Fast Response Monitoring’s My Safety Account App (CVE-2025-3301), enabling attackers to disable alarms or spoof sensor knowledge.

In the meantime, Elseta’s Vinci Protocol Analyzer (ICSA-25-051-06) is susceptible to buffer overflows (CVE-2025-3350) when parsing Modbus packets, risking OT community breaches.

Medixant RadiAnt DICOM Viewer Dangers Affected person Information

ICSMA-25-051-01 addresses a vital vulnerability in Medixant’s RadiAnt DICOM Viewer (CVE-2025-3405), the place malformed medical imaging recordsdata might execute code on healthcare methods.
With a CVSS v4 rating of 8.6, this flaw poses vital dangers to affected person knowledge confidentiality and medical gadget integrity.

Mitigation Methods and Trade Response

CISA urges organizations to use vendor-provided patches instantly.

For methods requiring delayed updates, mitigations embrace community segmentation, disabling pointless companies, and implementing software allowlists.

ABB and Siemens have launched firmware updates, whereas Mitsubishi Electrical advises limiting G-code file sources to trusted suppliers.

These advisories spotlight the persistent dangers posed by reminiscence corruption, authentication bypass, and insecure protocols in industrial environments.

As cyber-physical assaults escalate, proactive vulnerability administration stays vital to safeguarding international infrastructure.

Free Webinar: Higher SOC with Interactive Malware Sandbox for Incident Response, and Risk Searching - Register Right here