Industrial control systems worldwide face a new security threat as cybersecurity researchers have identified multiple critical vulnerabilities in Emerson’s ValveLink product suite.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued alert ICSA-25-189-01 on July 8, 2025, warning of five distinct vulnerabilities that could allow attackers to access sensitive information, tamper with system parameters, and execute unauthorized code on affected industrial control systems.
High-Risk Vulnerabilities Expose
The vulnerabilities, collectively assigned a maximum CVSS v4 score of 9.3, affect all versions of ValveLink products prior to version 14.0, including ValveLink SOLO, DTM, PRM, and SNAP-ON systems.
These industrial control systems are deployed worldwide across critical manufacturing sectors, making the potential impact substantial.
The most severe vulnerability, CVE-2025-52579, involves cleartext storage of sensitive information in memory with a CVSS v4 score of 9.3.
This flaw allows attackers with network access to potentially retrieve confidential data that should be encrypted.
Two additional vulnerabilities, CVE-2025-50109 and CVE-2025-46358, both scoring 8.5, relate to cleartext storage of sensitive information and protection mechanism failures respectively.
The security flaws enable multiple attack vectors. Attackers could exploit the cleartext storage vulnerabilities to access sensitive information that might be saved to disk, stored in core dumps, or remain uncleared after system crashes.
The protection mechanism failure allows directed attacks against the products, while uncontrolled search path elements and improper input validation create additional entry points for malicious actors.
Immediate Updates Required to Prevent Exploitation
Emerson has responded swiftly to address these vulnerabilities by releasing ValveLink 14.0, which patches all identified security flaws.
The company strongly recommends that all users immediately update their ValveLink software to version 14.0 or later, with the upgrade available for download from the Emerson website.
CISA has issued comprehensive mitigation guidance for organizations using affected systems. Key recommendations include minimizing network exposure for control system devices, ensuring systems are not accessible from the Internet, and implementing proper network segmentation with firewalls to isolate control systems from business networks.
When remote access is necessary, organizations should use secure methods such as Virtual Private Networks (VPNs) while maintaining updated security protocols.
Importantly, CISA reports that no known public exploitation specifically targeting these vulnerabilities has been documented at this time.
However, given the critical nature of these systems and the high severity scores, security experts emphasize the urgent need for organizations to implement the recommended patches and security measures immediately.
Organizations experiencing suspected malicious activity should follow established internal procedures and report findings to CISA for correlation against other incidents.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant updates