CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has released ten industrial control systems (ICS) advisories on August 7, 2025, highlighting critical vulnerabilities across various industrial automation and control platforms.

These advisories represent a comprehensive effort to address security gaps that could potentially impact critical infrastructure operations across multiple sectors including manufacturing, energy, and transportation systems.

CISA’s latest batch of industrial control systems advisories demonstrates the agency’s continued commitment to protecting critical infrastructure from evolving cybersecurity threats.

The ten advisories collectively address vulnerabilities spanning different industrial control system vendors and platforms, each presenting unique security challenges that require immediate attention from industrial operators and cybersecurity professionals.

1. Delta Electronics DIAView (ICSA-25-219-01)

A path traversal flaw (CWE-22) in DIAView v4.2.0.0 and prior allows remote attackers to read or write arbitrary files.

• CVE-2025-53417: CVSS v3.1 9.8; CVSS v4.0 9.3

2. Johnson Controls FX80 and ...