Security

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 8.7
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: ABB
• Equipment: MV Drives
• Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Out-of-bounds Write

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the drive or cause a denial-of-service condition.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

ABB reports that the following MV Drives are affected by CODESYS RTS (Runtime System) vulnerabilities:

CISA released five Industrial Control Systems (ICS) advisories on April 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-112-01 Siemens TeleControl Server Basic SQL
• ICSA-25-112-02 Siemens TeleControl Server Basic
• ICSA-25-112-03 Schneider Electric Wiser Home Controller WHC-5918A
• ICSA-25-112-04 ABB MV Drives
   
• ICSA-25-035-04 Schneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 9.3
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Schneider Electric
• Equipment: Wiser Home Controller WHC-5918A
• Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to disclose sensitive credentials.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Schneider Electric reports the following products are affected:

• Wiser Home Controller WHC-5918A: All versions

3.2 VULNERABILITY OVERVIEW

3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200

An information exposure vulnerability exists that could cause disclosure of credentials when a specially crafted message is sent to the device.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).

CISA released six Industrial Control Systems (ICS) advisories on April 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-107-01 Schneider Electric Trio Q Licensed Data Radio
• ICSA-25-107-02 Schneider Electric Sage Series
• ICSA-25-107-03 Schneider Electric ConneXium Network Manager
• ICSA-25-107-04 Yokogawa Recorder Products
• ICSA-24-326-04 Schneider Electric Modicon M340, MC80, and Momentum Unity M1E (Update A)
• ICSA-25-058-01 Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers (Update A)
   

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 8.4
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Schneider Electric
• Equipment: ConneXium Network Manager
• Vulnerabilities: Files or Directories Accessible to External Parties, Improper Input Validation

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data, escalate privileges, or perform remote code execution.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Schneider Electric reports that the following products are affected:

• Schneider Electric ConneXium Network Manager: Version 2.0.01 (CVE-2025-2222)
• Schneider Electric ConneXium Network Manager: All versions (CVE-2025-2223)

3.2 VULNERABILITY OVERVIEW

3.2.1 FILES OR DIRECTORIES ACCESSIBLE TO EXTERNAL PARTIES CWE-552

CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and potential privilege escalation following a Man-In-The-Middle attack.

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 9.3
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Schneider Electric
• Equipment: Sage series
• Vulnerabilities: Out-of-bounds Write, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Incorrect Default Permissions, Unchecked Return Value, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Read

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to compromise the impacted device, leading to loss of data, loss of operation, or impacts to the performance of the device.

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 5.4
• ATTENTION: Low attack complexity
• Vendor: Schneider Electric
• Equipment: Trio Q Licensed Data Radio
• Vulnerabilities: Insecure Storage of Sensitive Information, Initialization of a Resource with an Insecure Default

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to access confidential information, compromise the integrity, or affect the availability of the affected product.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Schneider Electric reports that the following products are affected: