CISA
Statement from Matt Hartman on the CVE Program
ABB MV Drives
1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: ABB
- Equipment: MV Drives
- Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the drive or cause a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
ABB reports that the following MV Drives are affected by CODESYS RTS (Runtime System) vulnerabilities:
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems (ICS) advisories on April 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
- ICSA-25-112-01 Siemens TeleControl Server Basic SQL
- ICSA-25-112-02 Siemens TeleControl Server Basic
- ICSA-25-112-03 Schneider Electric Wiser Home Controller WHC-5918A
- ICSA-25-112-04 ABB MV Drives
- ICSA-25-035-04 Schneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC (Update A)
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
Schneider Electric Wiser Home Controller WHC-5918A
1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Schneider Electric
- Equipment: Wiser Home Controller WHC-5918A
- Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to disclose sensitive credentials.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports the following products are affected:
- Wiser Home Controller WHC-5918A: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200
An information exposure vulnerability exists that could cause disclosure of credentials when a specially crafted message is sent to the device.
Siemens TeleControl Server Basic
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
Siemens TeleControl Server Basic SQL
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability
- CVE-2025-31201 Apple Multiple Products Arbitrary Read and Write Vulnerability
- CVE-2025-24054 Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems (ICS) advisories on April 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
- ICSA-25-107-01 Schneider Electric Trio Q Licensed Data Radio
- ICSA-25-107-02 Schneider Electric Sage Series
- ICSA-25-107-03 Schneider Electric ConneXium Network Manager
- ICSA-25-107-04 Yokogawa Recorder Products
- ICSA-24-326-04 Schneider Electric Modicon M340, MC80, and Momentum Unity M1E (Update A)
- ICSA-25-058-01 Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers (Update A)
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
Schneider Electric ConneXium Network Manager
1. EXECUTIVE SUMMARY
- CVSS v4 8.4
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Schneider Electric
- Equipment: ConneXium Network Manager
- Vulnerabilities: Files or Directories Accessible to External Parties, Improper Input Validation
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data, escalate privileges, or perform remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports that the following products are affected:
- Schneider Electric ConneXium Network Manager: Version 2.0.01 (CVE-2025-2222)
- Schneider Electric ConneXium Network Manager: All versions (CVE-2025-2223)
3.2 VULNERABILITY OVERVIEW
3.2.1 FILES OR DIRECTORIES ACCESSIBLE TO EXTERNAL PARTIES CWE-552
CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and potential privilege escalation following a Man-In-The-Middle attack.