CISA Releases Six ICS Advisories Detailing Security Issues


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range of critical systems.

These advisories aim to inform organizations about risks that could lead to unauthorized access, system compromise, or sensitive data exposure if left unaddressed.

Below are the details of each advisory, along with associated vulnerabilities and mitigation strategies.

1. mySCADA myPRO Manager – OS Command Injection Vulnerabilities

CISA reported two critical vulnerabilities in mySCADA’s myPRO Manager and myPRO Runtime that allow remote attackers to execute arbitrary OS commands. Both vulnerabilities received a CVSS v4 score of 9.3.

Vulnerabilities:

  • CVE-2025-20061: Exploitable via POST requests in which email information is not properly neutralized.
  • CVE-2025-20014: Exploitable via POST requests in which version information is not properly neutralized.

Affected Versions:

  • myPRO Manager: Versions prior to 1.3.
  • myPRO Runtime: Versions prior to 9.2.1.

Organizations using vulnerable versions should update their systems immediately to the latest release provided by the vendor.

2. Hitachi Energy RTU500 Series – Firmware Update Security Bypass

Firmware in Hitachi Energy’s RTU500 series contains a security flaw allowing authenticated users to bypass secure update checks, potentially enabling the installation of unsigned firmware.

Vulnerability:

  • CVE-2024-2617: Scored 7.2 (CVSS v3), this vulnerability allows attackers to manipulate firmware updates.

Affected Versions:

  • Firmware versions 13.5.1–13.5.3, 13.4.1–13.4.4, and 13.2.1–13.2.7.

Administrators should apply firmware updates signed by the vendor and restrict access to authorized personnel only.

3. Schneider Electric EVlink Home Smart and Schneider Charge – Cleartext Storage of Sensitive Information

Schneider Electric’s EVlink Home Smart and Schneider Charge are affected by a cleartext storage of sensitive information vulnerability, which could expose test credentials in firmware binaries.

Vulnerability:

  • CVE-2024-8070: Scored 8.5 (CVSS v3), this vulnerability simplifies unauthorized access to sensitive data.

Affected Versions:

  • EVlink Home Smart: All versions prior to 2.0.6.0.0.
  • Schneider Charge: All versions prior to 1.13.4.

Users are advised to apply the latest firmware updates or restrict physical and network access to these devices.

4. Schneider Electric Easergy Studio – Privilege Escalation Vulnerability

The Easergy Studio platform has an improper privilege management flaw that allows attackers with file system access to gain elevated privileges.

Vulnerability:

  • CVE-2024-9002: Scored 7.8 (CVSS v3), this vulnerability can lead to the compromise of workstation confidentiality, integrity, and availability.

Affected Versions:

  • Easergy Studio versions 9.3.1 and earlier.

Organizations should apply updates from Schneider Electric and restrict user access on affected systems.

5. Schneider Electric EcoStruxure Power Build Rapsody – Memory Buffer Exploitation

EcoStruxure Power Build Rapsody is affected by a memory buffer restriction vulnerability that could allow attackers to execute arbitrary code when a user opens a malicious project file.

Vulnerability:

  • CVE-2024-11139: Rated 4.6 (CVSS v4) for its potential impact when exploited locally.

Affected Versions:

  • Several localized versions, including v2.5.2 NL, v2.7.1 FR, v2.7.5 ES, and v2.5.4 INT, among others.

Customers should update to the latest version or avoid opening untrusted project files.

6. HMS Networks Ewon Flexy 202 – Cleartext Transmission of Credentials

HMS Networks’ Ewon Flexy 202 transmits user credentials in cleartext format when users are added or modified via the web page, making them susceptible to interception.

Vulnerability:

  • CVE-2025-0432: Scored 6.9 (CVSS v4), this vulnerability is exploitable in low-complexity attack scenarios.

Affected Versions:

  • All versions of Ewon Flexy 202.

Users should restrict network access to affected devices and apply encryption protocols where feasible.

CISA’s latest ICS advisories underscore the critical need for industrial organizations to stay vigilant against evolving cybersecurity threats. To mitigate risks:

  1. Apply the latest patches or updates provided by vendors.
  2. Restrict access to ICS systems and enforce strong authentication policies.
  3. Monitor networks for unusual activity, particularly activity targeting exposed ICS endpoints.
