Serial number: AV25–682
Date: October 20, 2025
Between October 13 and 19, 2025, CISA published ICS advisories to address vulnerabilities in the following products:
- Delta Electronics CNCSoft-G2 – multiple versions
- Hitachi Energy MACH GWS – versions 3.0.0.0 to 3.4.0.0
- Rockwell Automation 1715 EtherNet/IP – version 3.003 and prior
- Rockwell Automation ArmorStart AOP – version V2.05.07 and prior
- Rockwell Automation FactoryTalk Linx – version 6.40 and prior
- Rockwell Automation FactoryTalk View Machine Edition – versions prior to V15.00 (CVE-2025-9064)
- Rockwell Automation PanelView Plus 7 Terminal – version 14 and prior
- Rockwell Automation PanelView Plus 7 – versions V14.100 (CVE-2025-9063)
- Schneider Electric Advanced Reporting and Dashboards Module optional component of EcoStruxure Power Operation (EPO) installed with EcoStruxure Power Monitoring Expert (PME) – multiple versions and platforms
- Schneider Electric EcoStruxure Power Monitoring Expert (PME): version 2022, 2023, 2024 and 2024 R2
- Siemens HyperLynx – all versions
- Siemens Industrial Edge App Publisher – versions prior to 1.23.5
- Siemens SIMATIC ET 200SP Communication Processors – multiple versions and models
- Siemens SINEC NMS – versions prior to V4.0 SP1
- Siemens SiPass Integrated – versions prior to V3.0
- Siemens Solid Edge SE2024 – versions prior to V224.0 Update 14
- Siemens Solid Edge SE2025 – versions prior to V225.0 Update 6
- Siemens TeleControl Server Basic V3.1 – version V3.1.2.2 and up to but not including V3.1.2.3
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.