The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe authentication vulnerability affecting Iskra iHUB and iHUB Lite intelligent metering gateways worldwide.
Assigned CVE-2025-13510 with a CVSS score of 9.3, this vulnerability represents a significant threat to critical infrastructure in the energy sector and beyond.
The flaw, classified as missing authentication for a critical function (CWE-306), exposes the web management interface of Iskra’s innovative metering systems without requiring any credentials.
This means attackers anywhere on the internet can access the administrative interface of these devices without needing a password or authentication token.
The vulnerability affects all versions of both the iHUB and iHUB Lite platforms, making the potential impact exceptionally broad.
Researchers at CISA discovered that successful exploitation allows remote attackers to reconfigure devices, update firmware, and manipulate connected systems with no authentication requirements whatsoever.
The attack requires only network access and low complexity, making it trivially easy for malicious actors to execute.
Once inside the management interface, attackers gain complete control of the affected intelligent metering gateway, potentially compromising entire data-collection networks.
The vulnerability’s impact is particularly alarming given that Iskra’s products serve critical infrastructure functions globally.
Intelligent metering gateways and data concentrators form the backbone of modern utility management systems, collecting and processing energy consumption data from thousands of endpoints.
A compromised gateway could affect multiple downstream systems and consumers, creating cascading failures across utility networks.
Compounding the problem, Iskra has not responded to CISA’s attempts to coordinate on this issue, leaving no vendor patch available.
CISA has attempted to contact Iskra through official channels but has received no substantive response from the vendor regarding remediation timelines or mitigation strategies.
In response to this threat, CISA recommends immediate defensive actions for affected organizations.
First and foremost, minimize network exposure by ensuring these control system devices are not directly accessible from the internet.
Isolate control system networks behind firewalls and, whenever possible, completely separate them from business networks.
CISA emphasizes the importance of thorough impact analysis and risk assessment before deploying any defensive measures, to ensure changes do not inadvertently disrupt critical operations.
Currently, no known public exploitation specifically targeting this vulnerability has been reported to CISA.
However, given the flaws’ ease of exploitation and critical nature, organizations should prioritize securing their Iskra installations immediately.
Any organization observing suspicious activity should report findings to CISA for threat tracking and correlation with other incidents worldwide.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.