[Control systems] CISA ICS security advisories (AV25–610)

Serial number: AV25-610
Date: September 22, 2025

Between September 15 and 21, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

  • Cognex In-Sight 2000, 7000, 8000 and 9000 series – versions 5.x to 6.5.1
  • Cognex In-Sight Explorer – versions 5.x to 6.5.1
  • Delta Electronics DIALink – versions V1.6.0.0 and prior
  • Dover Fueling Solutions ProGauge MagLink LX 4 and LX Plus – versions prior to 4.20.3
  • Dover Fueling Solutions ProGauge MagLink LX Ultimate – versions prior to 5.20.3
  • Hitachi Energy Asset Suite – version 9.6.4.5 and prior
  • Hitachi Energy RTU500 Series – multiple versions and platforms
  • Hitachi Energy Service Suite – versions prior to 9.6.0.4 EP4
  • Schneider Electric ATVdPAC module – versions prior to 25.0
  • Schneider Electric Altivar Series – multiple versions and models
  • Schneider Electric ILC992 InterLink Converter – all versions
  • Schneider Electric Saitel DP RTU – version 11.06.33 and prior
  • Schneider Electric Saitel DR RTU – version 11.06.29 and prior
  • Siemens INDUSTRIAL EDGE - multiple versions and platforms
  • Siemens Industrial Edge - Machine Insight App – all versions
  • Siemens OpenPCS - multiple versions and platforms
  • Siemens RUGGEDCOM NMS – all versions
  • Siemens RUGGEDCOM – multiple versions and platforms
  • Siemens SCALANCE – multiple versions and platforms
  • Siemens SIMATIC NET CP, SINEMA, and SCALANCE – multiple versions and platforms
  • Siemens SIMATIC – multiple versions and platforms
  • Siemens SIMOTION – multiple versions and platforms
  • Siemens SINAUT – multiple versions and platforms
  • Siemens SINEC NMS – versions prior to V1.0.3
  • Siemens SINEC – multiple versions and platforms
  • Siemens SINEMA Remote Connect Server – version V3.1
  • Siemens SINEMA Server V14 – all versions
  • Siemens SINEMA – multiple versions and platforms
  • Siemens SINUMERIK Operate – versions prior to V4.95 SP1
  • Siemens SIPLUS – multiple versions and platforms
  • Siemens TIA Administrator – versions prior to 1.0 SP7
  • Westermo Network Technologies WeOS 5 – version 5.23.0 and prior
  • Westermo Network Technologies WeOS 5 – version 5.24 and later

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: