Friday, May 2, 2025

CISA Issues Seven ICS Advisories Highlighting Critical Vulnerabilities


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released seven Industrial Control Systems (ICS) advisories on February 20, 2025, addressing critical vulnerabilities in products from ABB, Siemens, Mitsubishi Electric, and other industrial technology providers.

These advisories underscore escalating risks to operational technology (OT) environments, where flaws in safety controllers, human-machine interfaces (HMIs), and protocol analyzers could enable remote code execution, denial-of-service (DoS) attacks, and unauthorized access to critical infrastructure.

ABB ASPECT-Enterprise and FLXEON Controllers Exposed to Remote Exploitation

The ICSA-25-051-01 and ICSA-25-051-02 advisories detail vulnerabilities in ABB’s ASPECT-Enterprise, NEXUS, MATRIX, and FLXEON controller series.

The most severe flaw, CVE-2025-3101 (CVSS v4: 9.8), allows unauthenticated attackers to execute arbitrary code on ASPECT-Enterprise servers due to improper input validation in the data parsing module.

Similarly, FLXEON safety controllers (versions < 3.08.02) are susceptible to authentication bypass via CVE-2025-3120, enabling threat actors to manipulate safety-critical processes in manufacturing and energy sectors.

Siemens SiPass Integrated Access Control Vulnerabilities

Siemens’ SiPass Integrated system, used in physical access control, is flagged in ICSA-25-051-04 for cleartext credential storage (CVE-2025-3204) and insecure default configurations.

Attackers with network access could extract administrative credentials, potentially compromising facility security.

Siemens recommends upgrading to version 3.8.2 and enforcing TLS 1.3 for communications.

Mitsubishi Electric CNC Series Memory Corruption Flaws

ICSA-24-291-03 (Update A) highlights four memory corruption vulnerabilities in Mitsubishi Electric’s CNC Series, including a heap overflow (CVE-2024-39883) allowing remote code execution via malicious G-code files.

Affected versions (M800/M80 to E80 Series) require firmware updates to mitigate risks of production line sabotage.

Rapid Response Monitoring and Elseta Vulnerabilities

The ICSA-25-051-05 advisory identifies an improper authentication flaw in Rapid Response Monitoring’s My Security Account App (CVE-2025-3301), enabling attackers to disable alarms or spoof sensor data.

Meanwhile, Elseta’s Vinci Protocol Analyzer (ICSA-25-051-06) is vulnerable to buffer overflows (CVE-2025-3350) when parsing Modbus packets, risking OT network breaches.

Medixant RadiAnt DICOM Viewer Risks Patient Data

ICSMA-25-051-01 addresses a critical vulnerability in Medixant’s RadiAnt DICOM Viewer (CVE-2025-3405), where malformed medical imaging files could execute code on healthcare systems.
With a CVSS v4 score of 8.6, this flaw poses significant risks to patient data confidentiality and medical device integrity.

Mitigation Strategies and Industry Response

CISA urges organizations to apply vendor-provided patches immediately.

For systems requiring delayed updates, mitigations include network segmentation, disabling unnecessary services, and enforcing application allowlists.

ABB and Siemens have released firmware updates, while Mitsubishi Electric advises restricting G-code file sources to trusted providers.
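
As an added example (not CISA or vendor tooling), the sketch below triages an asset inventory against the versions quoted above, comparing components numerically so that `3.8.1` is correctly treated as older than `3.08.02`. The product labels, asset names and inventory rows are constructed, and treating SiPass Integrated below 3.8.2 as needing the upgrade is an assumption drawn from the recommended version.

```python
import re

# Fixed versions quoted in the article. FLXEON: "versions < 3.08.02" affected.
# SiPass: the article only recommends 3.8.2; "below it needs the upgrade" is
# an assumption. Product labels are constructed for this example.
FIXED_VERSIONS = {
    "ABB FLXEON": ("3.08.02", "CVE-2025-3120"),
    "Siemens SiPass Integrated": ("3.8.2", "CVE-2025-3204"),
}

def parse_version(text):
    """Return a 4-int tuple (zero-padded), or None if not dotted-numeric."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){0,3}", text):
        return None
    parts = [int(p) for p in text.split(".")]  # int("08") == 8
    return tuple(parts + [0] * (4 - len(parts)))

def triage(inventory):
    """Map asset name -> (status, reference) for each inventory row."""
    results = {}
    for name, product, version in inventory:
        entry = FIXED_VERSIONS.get(product)
        if entry is None:
            results[name] = ("not-listed", None)
            continue
        installed = parse_version(version)
        if installed is None:  # never treat an unparseable version as patched
            status = "unknown-version"
        elif installed < parse_version(entry[0]):
            status = "needs-update"
        else:
            status = "ok"
        results[name] = (status, entry[1])
    return results

# Constructed sample inventory (hypothetical asset names and versions).
SAMPLE_INVENTORY = [
    ("plc-line1", "ABB FLXEON", "3.8.1"),
    ("plc-line2", "ABB FLXEON", "3.08.02"),
    ("plc-line3", "ABB FLXEON", "3.10"),
    ("acs-hq", "Siemens SiPass Integrated", "3.8.1"),
    ("acs-lab", "Siemens SiPass Integrated", "V3.8 SP2"),
    ("hmi-07", "Other HMI", "1.0"),
]

if __name__ == "__main__":
    for asset, (status, ref) in triage(SAMPLE_INVENTORY).items():
        print(f"{asset}: {status} ({ref})")
```

A plain string comparison would rank `3.8.1` above `3.08.02` and report the first asset as patched; assets with an `unknown-version` result need a manual check rather than being assumed safe.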

These advisories highlight the persistent risks posed by memory corruption, authentication bypass, and insecure protocols in industrial environments.

As cyber-physical attacks escalate, proactive vulnerability management remains critical to safeguarding global infrastructure.
