The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released five urgent advisories addressing critical vulnerabilities in widely used Industrial Control Systems (ICS) from Siemens, Schneider Electric, and ABB.
These advisories spotlight severe risks to industrial automation and critical infrastructure, underscoring the growing threat landscape facing industrial operators and system administrators.
The advisories cover:
- Siemens TeleControl Server Basic SQL (ICSA-25-112-01)
- Siemens TeleControl Server Basic (ICSA-25-112-02)
- Schneider Electric Wiser Home Controller WHC-5918A (ICSA-25-112-03)
- ABB MV Drives (ICSA-25-112-04)
- Schneider Electric Modicon M580 PLCs, BMENOR2200H, and EVLink Pro AC (Update A) (ICSA-25-035-04)
Major Vulnerabilities and Potential Impact
The vulnerabilities disclosed are wide-ranging and severe.
Siemens TeleControl Server Basic SQL is affected by multiple flaws, including SQL injection vulnerabilities (CVE-2025-40312, CVE-2025-40313) that could allow remote attackers unauthorized access to system databases, enabling data theft or manipulation.
Siemens TeleControl Server Basic also faces a privilege escalation flaw (CVE-2025-40314), which could let an attacker with local access gain elevated privileges and compromise sensitive ICS components.
Schneider Electric’s Wiser Home Controller WHC-5918A is exposed to two major vulnerabilities: an authentication bypass (CVE-2025-40321) and a remote command execution flaw (CVE-2025-40322).
Exploitation could allow attackers to manipulate home automation systems, create backdoors, or disrupt operations.
Additionally, a critical information exposure vulnerability (CVE-2024-6407, CVSS v4 score 9.3) could allow attackers to disclose sensitive credentials with a specially crafted message.
ABB’s MV Drives are susceptible to a denial-of-service (DoS) vulnerability (CVE-2025-40987), which, if exploited, could halt industrial processes, resulting in operational disruptions, revenue loss, or safety incidents.
Mitigation Steps and Industry Response
CISA urges all ICS users and administrators to review the newly released advisories for technical details and recommended mitigations.
Siemens and Schneider Electric have both released patches and firmware updates to address the identified vulnerabilities.
Administrators are strongly encouraged to:
- Apply the latest security updates and patches from vendors
- Restrict network access to affected systems
- Audit user privileges and enforce strict access controls
- Disable remote access features when not essential
The advisories serve as a stark reminder of the persistent cyber threats targeting industrial environments.
As attacks on critical infrastructure become more frequent and sophisticated, proactive vulnerability management and adherence to security best practices remain essential for safeguarding industrial operations.
CISA continues to monitor the evolving threat landscape and will provide further guidance as new vulnerabilities emerge.
Organizations are advised to stay vigilant and prioritize the timely implementation of recommended mitigations to minimize risk.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=These advisories spotlight severe risks to industrial automation and critical infrastructure, underscoring the growing threat landscape facing industrial operators and system administrators.){kind=link}