Serial number: AV25-420
Date: July 14, 2025
Between July 7 and 13, 2025, CISA published ICS advisories to address vulnerabilities in the following products:
- Advantech iView – versions prior to 5.7.05 build 7057
- Delta Electronics DTM Soft – versions 1.6.0.0 and prior
- Emerson ValveLink DTM – versions prior to ValveLink 14.0
- Emerson ValveLink PRM – versions versions prior to ValveLink 14.0
- Emerson ValveLink SNAP-ON – versions prior to ValveLink 14.0
- Emerson ValveLink SOLO – versions prior to ValveLink 14.0
- End-of-Train and Head-of-Train remote linking protocol – all versions
- KUNBUS Revolution Pi OS Bullseye – version 02/2024
- KUNBUS Revolution Pi OS Bullseye – version 04/2024
- KUNBUS Revolution Pi OS Bullseye – version 06/2023
- KUNBUS Revolution Pi OS Bullseye – version 07/2023
- KUNBUS Revolution Pi OS Bullseye – version 09/2023
- KUNBUS Revolution Pi Webstatus – versions 2.4.5 and prior
- Siemens SIMATIC CN 4100 – versions prior to V4.0
- Siemens SINEC NMS – version prior to V4.0
- Siemens SIPROTEC 5 – multiple versions and models
- Siemens Solid Edge SE2025 – version prior to V225.0 Update 5
- Siemens TIA Administrator – versions prior to V3.0.6
- Siemens TIA Project-Server V17 – all versions
- Siemens TIA Project-Server – versions prior to V2.1.1
- Siemens Totally Integrated Automation Portal (TIA Portal) V17 – all versions
- Siemens Totally Integrated Automation Portal (TIA Portal) V18 – all versions
- Siemens Totally Integrated Automation Portal (TIA Portal) V19 – all versions
- Siemens Totally Integrated Automation Portal (TIA Portal) V20 – versions prior to V20 Update 3
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.