CyberSecurityBoard
Sponsor Register Login

CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS

Additional vulnerabilities documented in the advisory include an improper limitation of pathname to a restricted directory (CVE-2024-3980), commonly known as path traversal vulnerability, along with authentication bypass (CVE-2024-3982), missing authentication for critical function (CVE-2024-7940), and URL redirection to untrusted sites (CVE-2024-7941). This flaw rated CVSS v3.1 9.9 and CVSS v4.0 9.4, allows authenticated attackers with administrative privileges to execute remote code on Industrial Data Center (IDC) Generations 1–5 and VersaVirtual Appliance (VVA) Series A–C systems. These advisories, ICSA-25-091-01 and ICSA-24-331-04, address security flaws in Rockwell Automation and Hitachi Energy products respectively, providing essential information about vulnerabilities that could potentially compromise industrial operations if exploited. No public exploitation targeting these specific vulnerabilities has been reported to CISA at this time, but organizations are urged to act promptly to secure their systems against potential threats. The advisories represent part of CISA’s ongoing effort to address growing cyber threats targeting operational technologies that control essential industrial processes. For comprehensive protection guidance, CISA provides additional resources through its ICS webpage, including detailed technical information papers and cybersecurity best practices documents. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Exploitation occurs via untrusted data deserialization in Veeam’s backup software, potentially enabling lateral movement across operational technology (OT) networks. CISA emphasizes urgency due to the vulnerability’s critical manufacturing sector impact and recommends reviewing mitigation strategies in their ICS-TIP-12-146-01B technical document. The most critical vulnerability (CVE-2024-4872) received a CVSS v3 base score of 9.9, indicating the potential for severe impact if exploited. The vulnerabilities affect various versions of the MicroSCADA Pro/X SYS600 product line, including versions 10.0 through 10.5 and some 9.4 versions with specific feature packs. This flaw exists in the query validation functionality and could allow authenticated attackers to inject malicious code towards persistent data. CISA strongly encourages users and administrators of affected systems to review the advisories immediately and implement recommended mitigations. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 02 Apr 2025 09:05:09 +0000


Cyber News related to CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
10 months ago Securityaffairs.com
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
1 year ago Securelist.com
Threat landscape for industrial automation systems, Q1 2024 - In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Percentage of ICS ...
10 months ago Securelist.com
CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS - Additional vulnerabilities documented in the advisory include an improper limitation of pathname to a restricted directory (CVE-2024-3980), commonly known as path traversal vulnerability, along with authentication bypass (CVE-2024-3982), missing ...
1 day ago Cybersecuritynews.com CVE-2024-3980
CVE-2021-36845 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions < 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. ...
3 years ago
Optigo Networks ONS-S8 Spectra Aggregation Switch | CISA - CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial ...
6 months ago Cisa.gov CVE-2024-41925 CVE-2024-45367
CISA Releases Two Industrial Control Systems Advisories | CISA - CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. CISA released two Industrial Control Systems (ICS) advisories on October 1, 2024. These advisories provide timely information ...
6 months ago Cisa.gov
Siemens SCALANCE and RUGGEDCOM M-800/S615 Family - As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT ...
1 year ago Cisa.gov CVE-2023-44317 CVE-2023-49692
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
6 months ago Therecord.media
CISA confirms compromise of its Ivanti systems - CISA confirmed two of its internal systems were breached by a threat actor that exploited flaws in Ivanti products used by the U.S. cybersecurity agency. Ivanti on Jan. 10 disclosed two zero-day vulnerabilities that were under exploitation by a ...
1 year ago Techtarget.com CVE-2023-46805 CVE-2024-21887
CISA Releases Three Industrial Control Systems Advisories | CISA - CISA released three Industrial Control Systems (ICS) advisories on October 3, 2024. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. These advisories provide timely information ...
6 months ago Cisa.gov
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
1 year ago Securityweek.com
Delta Electronics InfraSuite Device Master - RISK EVALUATION. Successful exploitation of this vulnerability could allow remote code execution. Delta Electronics InfraSuite Device Master contains a deserialization of untrusted data vulnerability because it runs a version of Apache ActiveMQ which ...
10 months ago Cisa.gov CVE-2023-46604
Delta Electronics DOPSoft - RISK EVALUATION. Successful exploitation of this vulnerability could lead to remote code execution. The affected product is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate ...
1 year ago Cisa.gov CVE-2023-5944
Mitsubishi Electric FA Engineering Software Products - RISK EVALUATION. Successful exploitation of this vulnerability could allow a malicious attacker to execute malicious code by tricking legitimate users to open a specially crafted project file, which could result in information disclosure, tampering ...
1 year ago Cisa.gov CVE-2023-5247
WAGO PFC200 Series - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker with administrative privileges to access sensitive files in an unintended, undocumented way. Compact Controller CC100: Versions later than FW19, up to and ...
1 year ago Cisa.gov CVE-2023-4089
Mitsubishi Electric Electrical Discharge Machines - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to disclose, tamper with, destroy or delete information in the products, or cause a denial-of-service condition on the products. Remote code execution ...
1 year ago Cisa.gov CVE-2023-21554
Mitsubishi Electric GX Works2 - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow a Denial-of-service due to improper input validation in the simulation function of GX Works2 by sending specially crafted packets. An attacker may be able to cause ...
1 year ago Cisa.gov CVE-2023-5274 CVE-2023-5275
Mitsubishi Electric FA Engineering Software Products - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow a malicious attacker to disclose information in the affected products. For the correspondence table of the affected products and each vulnerability, refer to Mitsubishi ...
1 year ago Cisa.gov CVE-2022-21151 CVE-2021-33149
PTC KEPServerEx - EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity. RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an attacker gaining Windows SYSTEM-level code execution on the service host and may ...
1 year ago Cisa.gov CVE-2023-5908 CVE-2023-5909
Delta Electronics InfraSuite Device Master - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and obtain plaintext credentials. In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows ...
1 year ago Cisa.gov CVE-2023-46690 CVE-2023-47207 CVE-2023-39226 CVE-2023-47279
Fuji Electric Tellus Lite V-Simulator - RISK EVALUATION. Successful exploitation of these vulnerabilities could crash the device being accessed, allow remote code execution, or overwrite files. Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a ...
1 year ago Cisa.gov CVE-2023-35127 CVE-2023-40152 CVE-2023-5299
EFACEC BCU 500 - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition on the affected product or compromise the web application through a cross-site request forgery vulnerability. Through the ...
1 year ago Cisa.gov CVE-2023-50707 CVE-2023-6689
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
2 years ago Securityweek.com
Rockwell Automation FactoryTalk Activation - RISK EVALUATION. Successful exploitation of these vulnerabilities could result in a buffer overflow and allow the attacker to gain full access to the system. Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the ...
1 year ago Cisa.gov CVE-2023-38545 CVE-2023-3935

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)