The Cybersecurity and Infrastructure Security Agency (CISA) has released four advisories addressing newly discovered vulnerabilities in key industrial control systems (ICS) products.
Published on September 2, 2025, these alerts underscore the growing threat landscape faced by utilities, manufacturing facilities, and critical infrastructure operators worldwide.
System administrators and security teams are urged to review the findings, apply mitigations, and bolster detection capabilities to guard against potential exploits.
- Timely information on current ICS security issues.
- Guidance on vulnerabilities, exploits, and mitigations.
- Targeted at utilities, manufacturing, and critical infrastructure.
Delta Electronics EIP Builder Flaw
The first advisory, ICSA-25-245-01, highlights a path traversal vulnerability in Delta Electronics’ EIP Builder software, a graphical interface used to configure EtherNet/IP communications for programmable logic controllers (PLCs).
An attacker with network access could craft malicious file paths that escape the application’s designated directory, enabling unauthorized file operations.
Consequences include reading sensitive configuration files, overwriting firmware images, or planting malicious payloads on engineering workstations.
- Upgrade to EIP Builder v3.2.14 immediately.
- Enforce stricter input validation.
- Restrict network access to trusted systems only.
Fuji Electric FRENIC-Loader 4 Code Execution Flaw
Advisory ICSA-25-245-02 warns of a buffer overflow in Fuji Electric’s FRENIC-Loader 4 tool, widely used for managing frequency drives in industrial motor control applications.
By sending an oversized payload via the software’s import functionality, a remote actor could overwrite critical memory regions, leading to arbitrary code execution under the context of the logged-in user.
Attackers with local system access or those who trick users into opening crafted project files could exploit this flaw and gain control over affected workstations.
Fuji Electric has issued FRENIC-Loader 4 v4.5.7 to address the flaw, incorporating bounds checking on all import operations.
Organizations should deploy the update swiftly, implement application whitelisting to restrict execution of untrusted binaries, and train personnel to verify digital signatures on any received project files before opening.
SunPower PVS6 Authentication Bypass
In advisory ICSA-25-245-03, CISA details an authentication bypass vulnerability in SunPower’s PVS6 solar inverter management platform.
The flaw allows attackers to bypass login controls and reach privileged functions simply by manipulating specific HTTP request parameters.
Once authenticated, threat actors could alter inverter settings, disable performance metrics, or interrupt grid-connected operations—jeopardizing both energy output and overall power grid stability.
SunPower has released PVS6 v2.1.4 with enhanced session validation and stricter parameter filtering.
Solar farm operators must upgrade their management consoles without delay, implement multi-factor authentication where available, and monitor web server logs for anomalous HTTP requests indicative of exploitation attempts.
Hitachi Energy Relion Series Update A Fixes Issues
The final advisory, ICSA-25-182-06 (Update A), revisits several vulnerabilities originally disclosed in June, now supplemented with additional fixes for Hitachi Energy’s Relion 670/650 and SAM600-IO protection relay families.
The newly discovered issues include insufficient input sanitization in the Modbus interface—permitting unauthorized read/write operations—and a denial-of-service condition triggered by malformed network packets.
- Apply firmware v2.0.9 for Relion 670/650 and v1.8.2 for SAM600-IO.
- Schedule upgrades during maintenance windows.
- Validate relay behavior and enforce Modbus access controls.
CISA continues to emphasize the critical importance of proactive vulnerability management within industrial environments.
These four advisories illustrate how adversaries exploit software flaws to target essential control systems.
By promptly applying vendor patches, enforcing robust network segmentation, and deploying real-time monitoring, organizations can significantly reduce the risk of ICS compromise.
For further details, consult CISA’s official ICS advisories and implement recommended mitigations as part of an ongoing security lifecycle.
Find this Story Interesting! Follow us on Google News , LinkedIn and X to Get More Instant Updates
 has released four advisories addressing newly discovered vulnerabilities.){kind=link}