The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released five urgent advisories on April 22, 2025, targeting critical vulnerabilities in widely-used Industrial Control Systems (ICS) from Siemens, ABB, and Schneider Electric.
With the increasing frequency and severity of cyberattacks on industrial infrastructure, these advisories serve as a stark warning to operators, administrators, and security professionals.
Five Industrial Control Systems Advisories
1.Siemens TeleControl Server Basic SQL—Multiple Vulnerabilities (ICSA-25-112-01)
.png
)
CISA’s first advisory, ICSA-25-112-01, details severe vulnerabilities in the Siemens TeleControl Server Basic SQL component. Notably, CVE-2025-40312 and CVE-2025-40313 allow remote attackers to perform SQL injection due to improper input validation.
These vulnerabilities could grant attackers unauthorized access to critical system databases, enabling data theft or manipulation.
Mitigation Advice: Siemens has released patches to address these flaws. Users are strongly encouraged to apply the latest security updates and restrict network access to the affected systems.
2.Siemens TeleControl Server Basic—Privilege Escalation Flaw (ICSA-25-112-02)
The second advisory, ICSA-25-112-02, highlights a privilege escalation vulnerability (CVE-2025-40314) within the main Siemens TeleControl Server Basic product.
Exploitation could allow an attacker with local access to gain elevated privileges, potentially compromising other sensitive components within the ICS environment.
Mitigation Advice: Administrators should follow Siemens’ guidance to update software and audit user account privileges regularly.
3.Schneider Electric Wiser Home Controller WHC-5918A—Remote Exploits (ICSA-25-112-03)
Schneider Electric’s Wiser Home Controller is the focus of ICSA-25-112-03. This advisory reveals two major vulnerabilities: an authentication bypass (CVE-2025-40321) and a remote command execution flaw (CVE-2025-40322).
Attackers exploiting these could manipulate home automation systems, create backdoors, or disrupt operations.
Mitigation Advice: Schneider Electric has issued firmware updates, and users are advised to disable remote access if not needed and to implement strict access controls.
4.ABB MV Drives—Denial-of-Service Vulnerabilities (ICSA-25-112-04)
Critical vulnerabilities in ABB MV Drives are detailed in ICSA-25-112-04. One major concern is CVE-2025-40987, which can be exploited to cause a denial-of-service (DoS) condition, shutting down industrial processes and potentially resulting in revenue loss or safety incidents.
Mitigation Advice: ABB recommends updating to the latest firmware and segmenting networks to isolate critical infrastructure.
5.Schneider Electric Modicon M580 PLCs & EVLink Pro AC—Multiple Updates (ICSA-25-035-04)
The final advisory, ICSA-25-035-04, addresses vulnerabilities in Schneider Electric Modicon M580 PLCs, BMENOR2200H modules, and EVLink Pro AC charging stations, including authentication weaknesses (CVE-2025-40131) and potential remote code execution paths (CVE-2025-40132).
Mitigation Advice: Schneider Electric has provided updated firmware and security recommendations, urging users to promptly apply all patches and monitor device logs for unusual activity.
CISA’s latest batch of ICS advisories underscores the urgent need for vigilance in securing industrial environments.
Exploitation of these vulnerabilities could have severe operational, financial, and safety impacts. Organizations are strongly advised to review the full CISA advisories, apply recommended mitigations, and stay alert for future security updates.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
 has released five urgent advisories, targeting critical vulnerabilities.){kind=link}