The recent release of six Industrial Control Systems (ICS) advisories by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has brought attention to critical vulnerabilities that could potentially compromise the security of various systems. These advisories serve as a warning to organizations about the risks associated with unauthorized access, system compromise, or exposure of sensitive data if these issues are not addressed promptly.
One of the advisories issued by CISA pertains to mySCADA’s myPRO Manager software, which was found to have two critical vulnerabilities that could allow remote attackers to execute arbitrary OS commands. These vulnerabilities, identified as CVE-2025-20061 and CVE-2025-20014, received a severity score of 9.3 on the Common Vulnerability Scoring System (CVSS) v4. Organizations using vulnerable versions of mySCADA should update their systems immediately to the latest release provided by the vendor.
Another advisory highlights a security flaw in Hitachi Energy’s RTU500 series firmware, which allows authenticated users to bypass secure update checks, potentially enabling the installation of unsigned firmware. This vulnerability, identified as CVE-2024-2617 and scored 7.2 on CVSS v3, could be exploited by attackers to manipulate firmware updates. Administrators are urged to implement firmware updates signed by the vendor and restrict access to authorized personnel only.
A notable vulnerability was also identified in Schneider Electric’s EVlink Home Smart and Schneider Charge systems. These devices were found to have a cleartext storage of sensitive information, which could expose test credentials in firmware binaries. The vulnerability, identified as CVE-2024-8070 and scored 8.5 on CVSS v3, could simplify unauthorized access to sensitive data. Users are advised to apply the latest firmware updates or restrict physical and network access to these devices to mitigate the risk.
In addition to Schneider Electric’s EVlink Home Smart and Schneider Charge systems, the Easergy Studio platform was also found to have a privilege escalation vulnerability. This flaw, identified as CVE-2024-9002 and scored 7.8 on CVSS v3, could allow attackers with system access to gain elevated privileges. Organizations utilizing Easergy Studio should apply updates from Schneider Electric and restrict user access on affected systems.
Furthermore, the EcoStruxure Power Build Rapsody software by Schneider Electric was discovered to have a memory buffer restriction vulnerability that could enable attackers to execute arbitrary code by opening a malicious project file. This vulnerability, identified as CVE-2024-11139 and rated 4.6 on CVSS v4, highlights the importance of updating to the latest version or avoiding opening untrusted project files.
Lastly, HMS Networks’ Ewon Flexy 202 device was found to transmit user credentials in cleartext format, making them susceptible to interception. This vulnerability, identified as CVE-2025-0432 and scored 6.9 on CVSS v4, underscores the need for users to restrict network access to affected devices and apply encryption protocols where feasible.
Overall, the release of these ICS advisories by CISA underscores the critical importance of industrial organizations staying vigilant against evolving cybersecurity threats. To mitigate risks, organizations are advised to apply the latest patches or updates provided by vendors, restrict access to ICS systems, enforce strong authentication policies, and monitor networks for unusual activity targeted at exposed ICS endpoints. By taking proactive measures to address these vulnerabilities, organizations can enhance the security of their critical systems and protect against potential cyber threats.