CISA Releases Multiple Industrial Control Systems Vulnerability Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a series of advisories addressing newly discovered vulnerabilities in a wide range of industrial control systems (ICS) products. These advisories, released between October 13 and 21, 2025, cover products from major vendors such as Rockwell Automation, Siemens, Schneider Electric, Delta Electronics, Hitachi Energy, and Oxford Nanopore Technologies. The advisories provide technical details about the vulnerabilities, including affected versions, potential impacts, and recommended mitigations. For Rockwell Automation, advisories were published for products including the 1783-NATR, Compact GuardLogix 5370, 1715 EtherNet/IP, ArmorStart AOP, FactoryTalk Linx, FactoryTalk View Machine Edition, and PanelView Plus 7 Terminal, with some vulnerabilities identified by specific CVEs such as CVE-2025-9063 and CVE-2025-9064. Siemens products affected include SIMATIC S7-1200 CPU V1/V2 Devices, RUGGEDCOM ROS Devices, HyperLynx, Industrial Edge App Publisher, SIMATIC ET 200SP Communication Processors, SINEC NMS, SiPass Integrated, Solid Edge SE2024 and SE2025, and TeleControl Server Basic. Schneider Electric advisories addressed issues in Pro-Face GP-Pro EX and Remote HMI, Modicon Controllers, Advanced Reporting and Dashboards Module for EcoStruxure Power Operation, and EcoStruxure Power Monitoring Expert (PME) across several versions. Additional advisories were released for CloudEdge Online Cameras and App, Raisecomm RAX701-GC Series, and Oxford Nanopore Technologies MinKNOW. The advisories detail the nature of the vulnerabilities, which range from improper input validation to authentication bypass and remote code execution risks. CISA and the Canadian Centre for Cyber Security both urge ICS users and administrators to review the advisories, apply recommended mitigations, and update affected systems to reduce the risk of exploitation. The coordinated release of these advisories highlights the ongoing threat landscape facing critical infrastructure and the need for timely patch management. Many of the vulnerabilities could allow attackers to gain unauthorized access, disrupt operations, or compromise sensitive industrial processes. The advisories include links to technical documentation and vendor updates, enabling organizations to assess their exposure and take immediate action. The affected products are widely deployed in sectors such as manufacturing, energy, and utilities, increasing the urgency for remediation. CISA’s advisories are part of a broader effort to enhance the security posture of industrial environments against evolving cyber threats. The inclusion of both new and updated advisories for previously disclosed vulnerabilities demonstrates the dynamic nature of ICS security. Organizations are reminded to follow best practices for ICS security, including network segmentation, access control, and regular vulnerability assessments. The advisories also emphasize the importance of monitoring for signs of exploitation and maintaining up-to-date incident response plans. By addressing these vulnerabilities promptly, asset owners can help safeguard critical infrastructure from potential cyberattacks.