CISA Releases Six ICS Advisories Highlighting Critical Security Vulnerabilities

U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories to address significant vulnerabilities in critical systems used across various industries.

These advisories provide crucial information about security flaws that, if left unpatched, could lead to unauthorized access, system compromise, or exposure of sensitive data.

Organizations are encouraged to review these advisories and take immediate action to mitigate potential risks.

mySCADA’s myPRO Manager & myPRO Runtime

The first advisory, ICSA-25-023-01, focuses on mySCADA’s myPRO Manager and myPRO Runtime, which are affected by two critical OS command injection vulnerabilities.

These flaws, identified as CVE-2025-20061 and CVE-2025-20014, allow remote attackers to execute arbitrary OS commands due to improperly neutralized POST requests.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

These vulnerabilities, assigned a CVSS v4 score of 9.3, affect myPRO Manager versions prior to 1.3 and myPRO Runtime versions prior to 9.2.1. Users are advised to update to the latest versions to safeguard against these exploits.

Hitachi Energy’s RTU500 series

The second advisory, ICSA-25-023-02, pertains to Hitachi Energy’s RTU500 series, which contains a flaw enabling authenticated users to bypass secure firmware update checks.

This vulnerability, tracked as CVE-2024-2617, has a CVSS v3 score of 7.2 and affects firmware versions 13.5.1–13.5.3, 13.4.1–13.4.4, and 13.2.1–13.2.7.

If successfully exploited, attackers could install unsigned firmware, compromising system integrity. Hitachi Energy advises deploying only signed firmware updates and restricting access to authorized personnel.

Schneider Electric’s EVlink Home Smart

The third advisory, ICSA-25-023-03, highlights a vulnerability in Schneider Electric’s EVlink Home Smart and Schneider Charge charging stations.

This flaw, CVE-2024-8070, involves the cleartext storage of sensitive information, such as test credentials in firmware binaries, which attackers could exploit.

With a CVSS v3 score of 8.5, this vulnerability affects all EVlink Home Smart versions prior to 2.0.6.0.0 and all Schneider Charge versions prior to 1.13.4. Schneider Electric recommends applying the latest firmware updates and restricting physical and network access to these devices.

Schneider Electric’s Easergy Studio

Another advisory, ICSA-25-023-04, addresses a privilege escalation vulnerability in Schneider Electric’s Easergy Studio.

Identified as CVE-2024-9002, this flaw, which has a CVSS v3 score of 7.8, allows attackers with file system access to escalate privileges by tampering with binaries in the installation directory.

This vulnerability affects Easergy Studio versions 9.3.1 and earlier. Organizations are urged to update to the latest version and restrict system access to prevent unauthorized exploitation.

Schneider Electric’s EcoStruxure Power Build

The fifth advisory, ICSA-25-023-05, concerns Schneider Electric’s EcoStruxure Power Build Rapsody, which faces an improper memory buffer restriction issue.

This vulnerability, CVE-2024-11139, allows local attackers to execute arbitrary code by opening a malicious project file. With a CVSS v4 score of 4.6, this flaw affects multiple localized versions, including v2.5.2 NL, v2.7.1 FR, and v2.5.4 INT.

Users should avoid opening untrusted project files and install the latest updates from Schneider Electric.

HMS Networks’ Ewon Flexy 202

Finally, ICSA-25-023-06 addresses a vulnerability in HMS Networks’ Ewon Flexy 202 devices.

This flaw, CVE-2025-0432, occurs due to cleartext transmission of user credentials when added or modified via the device’s web interface. With a CVSS v4 score of 6.9, this vulnerability affects all versions of the device.

Organizations should restrict network access to the device and implement encryption protocols to prevent interception of sensitive information.

These advisories underscore the importance of timely updates and strong cybersecurity practices to mitigate risks. Organizations using the affected products should prioritize applying the vendor-recommended patches and updates.

Furthermore, it is crucial to monitor network activity, enforce strict access controls, and implement robust authentication mechanisms to prevent unauthorized exploitation of these vulnerabilities.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar

The post CISA Releases Six ICS Advisories Highlighting Critical Security Vulnerabilities appeared first on Cyber Security News.