[Control systems] CISA ICS security advisories (AV25–225)

Serial number: AV25–225
Date: April 22, 2025

Between April 14 and 20, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

  • ABB M2M Gateway ARM600 – versions 4.1.2 to 5.0.3
  • ABB M2M Gateway SW – versions 5.0.1 to 5.0.3
  • Delta Electronics COMMGR (version 1 and versions 2) – all versions
  • Growatt cloud portal – versions 3.6.0 and prior
  • Lantronix Xport – versions 6.5.0.7 to 7.0.0.3
  • Mitsubishi Electric Europe B.V. smartRTU – versions 3.37 and prior
  • National Instruments LabVIEW – versions 2025 Q1 and prior
  • Schneider Electric ConneXium Network Manager – all versions
  • Schneider Electric Sage 1410 – versions C3414-500-S02K5_P8 and prior
  • Schneider Electric Sage 1430 – versions C3414-500-S02K5_P8 and prior
  • Schneider Electric Sage 1450 – versions C3414-500-S02K5_P8 and prior
  • Schneider Electric Sage 2400 – versions C3414-500-S02K5_P8 and prior
  • Schneider Electric Sage 3030 Magnum – versions C3414-500-S02K5_P8 and prior
  • Schneider Electric Sage 4400 – versions C3414-500-S02K5_P8 and prior
  • Schneider Electric Trio Q Licensed Data Radio – versions prior to 2.7.2
  • Siemens Industrial Edge Device Kit – multiple versions
  • Siemens Mendix Runtime – multiple versions
  • Siemens SIDOOR – multiple versions and models
  • Siemens SIMATIC – multiple versions and models
  • Siemens SIMOCODE – multiple versions and models
  • Siemens SIPLUS – multiple versions and models
  • Siemens SIWAREX – multiple versions and models
  • Yokogawa CX1000 / CX2000 Paperless Recorders – all version
  • Yokogawa DX1000 / DX2000 / DX1000N Paperless Recorders – versions R4.21 and prior
  • Yokogawa DX1000T / DX2000T Paperless Recorders – all versions
  • Yokogawa FX1000 Paperless Recorders – versions R1.31 and prior
  • Yokogawa GM Data Acquisition System – versions R5.05.01 and prior
  • Yokogawa GX10 / GX20 / GP10 / GP20 Paperless Recorders – versions R5.04.01 and prior
  • Yokogawa MW100 Data Acquisition Units – all versions
  • Yokogawa μR10000 / μR20000 Chart Recorders – versions R1.51 and prior

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: