[Control systems] CISA ICS security advisories (AV25–591)

Serial number: AV25-591
Date: September 15, 2025

Between September 8 and 14, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

  • ABB ASPECT-Enterprise ASP-ENT-x – versions prior to 3.08.04-s01
  • ABB MATRIX Series MAT-x – versions prior to 3.08.04-s01
  • ABB NEXUS Series NEX-2x – versions prior to 3.08.04-s01
  • ABB NEXUS Series NEXUS-3-x – versions prior to 3.08.04-s01
  • Daikin Security Gateway – version App 100, Frm 214
  • Rockwell Automation 1783-NATR – versions prior to 1.007
  • Rockwell Automation Analytics LogixAI – versions 3.00 and 3.01
  • Rockwell Automation CompactLogix 5480 – version 32-37.011 with Windows package (2.1.0) Win10 v1607
  • Rockwell Automation ControlLogix 5580 – version 35.013
  • Rockwell Automation FactoryTalk Activation Manager – version 5.00
  • Rockwell Automation FactoryTalk Optix – versions 1.5.0 to 1.5.7
  • Rockwell Automation Stratix IOS – versions 15.2(8)E5 and prior
  • Rockwell Automation ThinManager – version 13.0 to 14.0
  • Schneider Electric EcoStruxure Server/workstation – multiple versions and platforms
  • Schneider Electric Modbus/TCP Ethernet Modicon M340 FactoryCast module – versions prior to SV6.80
  • Schneider Electric Modbus/TCP Ethernet Modicon M340 module – all versions prior to SV3.60
  • Schneider Electric Modicon M340 – all versions
  • Siemens APOGEE PXC Series (BACnet), (P2 Ethernet) – all versions
  • Siemens Industrial Edge Management OS (IEM-OS) – all versions
  • Siemens RUGGEDCOM RST2428P (6GK6242-6PA00) – all versions
  • Siemens SIMATIC PCS neo V4.1, neo V5.0 – all versions
  • Siemens SIMATIC Technology Package TPCamGen (6ES7823-0FE30-1AA0) – all versions
  • Siemens SIMATIC Virtualization as a Service (SIVaaS) – all versions
  • Siemens SIMOTION OA MIIF (6AU1820-3DA20-0AB0) – all versions
  • Siemens SIMOTION OACAMGEN (6AU1820-3EA20-0AB0) – all versions
  • Siemens SIMOTION OALECO (6AU1820-3HA20-0AB0) – all versions
  • Siemens SIMOTION OAVIBX (6AU1820-3CA20-0AB0) – all versions
  • Siemens SINAMICS G220 V6.4 – versions prior to V6.4 HF2
  • Siemens SINAMICS S200 V6.4 – all versions
  • Siemens SINAMICS S210 V6.4 – versions prior to V6.4 HF2
  • Siemens TALON TC Series (BACnet) – all versions
  • Siemens User Management Component (UMC) – versions prior to 2.15.1.3

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: