Tech »  Topic »  CISA Releases Nine Security Advisories on ICS Vulnerabilities and Exploits

CISA Releases Nine Security Advisories on ICS Vulnerabilities and Exploits


The Cybersecurity and Infrastructure Security Agency (CISA) has released nine advisories targeting security vulnerabilities in Industrial Control Systems (ICS).

These vulnerabilities pose significant risks, including denial of service (DoS), information disclosure, and even remote code execution.

Organizations using ICS technologies are urged to immediately address these vulnerabilities to avoid potential exploitation.

1. Western Telematic Inc NPS, DSM, CPM Series

CVE-2025-0630 – Western Telematic Inc’s equipment is affected by a Local File Inclusion (LFI) vulnerability stemming from external control of file names or paths (CWE-73). Authenticated users can exploit this flaw to gain privileged access to device files.

Successful exploitation could allow attackers to access sensitive files within the system, jeopardizing data confidentiality.

Affected products include Network Power Switch (NPS Series), Console Server (DSM Series), and Console Server + PDU Combo Unit (CPM Series), all running firmware version 6.62 and prior.

2. Rockwell Automation 1756-L8zS3 and 1756-L3zS3

CVE-2025-24478 – Improper handling of ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE