Serial number: AV25–295
Date: May 26, 2025
Between May 19 and 25, 2025, CISA published ICS advisories to address vulnerabilities in the following products:
- ABUP IoT Cloud Platform – all versions
- Assured Telematics Inc (ATI) Fleet Management System – versions prior to February 6th, 2025
- AutomationDirect MB-Gateway – all versions
- Danfoss AK-SM 8xxA Series – versions prior to R4.2
- Lantronix Device Installer – versions 4.4.0.7 and prior
- Mitsubishi Electric GENESIS64 AlarmWorX Multimedia (AlarmWorX64 MMX) – all versions
- Mitsubishi Electric MC Works64 AlarmWorX Multimedia (AlarmWorX64 MMX) – all versions
- National Instruments Circuit Design Suite – versions 14.3.0 and prior
- Rockwell Automation 95057C-FTHTWXCT11 – versions v4.02.00 and prior
- Schneider Electric Galaxy VL – all versions
- Schneider Electric Galaxy VS – all versions
- Schneider Electric Galaxy VXL – all versions
- Schneider Electric Modicon Controllers LMC058 – all versions
- Schneider Electric Modicon Controllers M241 – versions prior to 5.3.12.48
- Schneider Electric Modicon Controllers M251 – versions prior to 5.3.12.48
- Schneider Electric Modicon Controllers M258 – all versions
- Schneider Electric PrismaSeT Active - Wireless Panel Server – all versions
- Siemens Siveillance Video – versions V24.1 and later
- Vertiv Liebert IS-UNITY – versions 8.4.1.0 and prior
- Vertiv Liebert RDU101 – versions 1.9.0.0 and prior
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.