The Cybersecurity and Infrastructure Security Agency (CISA) issued nine Industrial Control Systems (ICS) advisories on August 28, 2025, addressing critical vulnerabilities and exploits in widely deployed industrial automation and control products.
These advisories aim to alert organizations to emerging security issues, detail technical findings, and recommend mitigation strategies to protect vital industrial processes from exploitation.
CISA’s latest advisories span multiple vendors and product lines, reflecting the diverse ecosystem of industrial control systems in use across energy, manufacturing, and critical infrastructure sectors.
Two advisories concern Mitsubishi Electric’s MELSEC iQ-F Series CPU Module, highlighting memory corruption issues that could allow remote code execution if exploited by an attacker with network access.
Another Mitsubishi Electric update addresses firmware and software flaws in Multiple FA Engineering Software Products, underscoring the importance of applying Update D to remediate authentication bypass vulnerabilities.
Schneider Electric’s Saitel DR & Saitel DP Remote Terminal Unit received its own advisory (ICSA-25-240-03) after researchers uncovered improper input validation that could permit denial-of-service attacks or potential command injection.
Delta Electronics is also in the spotlight with two advisories: one for the CNCSoft-G2 control software and another for its COMMGR communication management package.
These advisories describe buffer overflow and insufficient authentication weaknesses, respectively, which could lead to privilege escalation or unauthorized system manipulation.
GE Vernova’s CIMPLICITY SCADA platform, used for supervisory control and data acquisition, is addressed in ICSA-25-240-06, where issues related to improper access controls and insecure default configurations could enable attackers to disrupt monitoring and control functions.
Mitsubishi Electric’s Iconics Digital Solutions suite is covered by ICSA-25-140-04, detailing flaws in scripting interfaces and configuration management that might allow code injection or data tampering.
Finally, Hitachi Energy’s Relion 670/650 and SAM600-IO series protection relays and I/O modules are addressed in the updated advisory ICSA-25-184-01 (Update A), after vulnerabilities in web interfaces and authentication mechanisms were identified.
Organizations using the affected products are strongly encouraged to consult the full advisory texts for in-depth technical analysis, proof-of-concept exploit details, and recommended mitigations. These generally include applying vendor-supplied patches or updates, restricting network access to ICS devices, enforcing strong authentication controls, and monitoring for anomalous activity.
CISA continues to partner with vendors to accelerate patch development and dissemination, emphasizing proactive vulnerability management to reduce risk to critical infrastructure.
Advisory ID | Product | Vendor | Link |
---|---|---|---|
ICSA-25-240-01 | MELSEC iQ-F Series CPU Module | Mitsubishi Electric | https://www.cisa.gov/news-events/ics-advisories/icsa-25-240-01 |
ICSA-25-240-02 | MELSEC iQ-F Series CPU Module | Mitsubishi Electric | https://www.cisa.gov/news-events/ics-advisories/icsa-25-240-02 |
ICSA-25-240-03 | Saitel DR & Saitel DP Remote Terminal Unit | Schneider Electric | https://www.cisa.gov/news-events/ics-advisories/icsa-25-240-03 |
ICSA-25-240-04 | CNCSoft-G2 | Delta Electronics | https://www.cisa.gov/news-events/ics-advisories/icsa-25-240-04 |
ICSA-25-240-05 | COMMGR | Delta Electronics | https://www.cisa.gov/news-events/ics-advisories/icsa-25-240-05 |
ICSA-25-240-06 | CIMPLICITY | GE Vernova | https://www.cisa.gov/news-events/ics-advisories/icsa-25-240-06 |
ICSA-24-135-04 | Multiple FA Engineering Software Products (Update D) | Mitsubishi Electric | https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 |
ICSA-25-140-04 | Iconics Digital Solutions and Mitsubishi Electric Products (Update B) | Mitsubishi Electric | https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-04 |
ICSA-25-184-01 | Relion 670/650 and SAM600-IO series (Update A) | Hitachi Energy | https://www.cisa.gov/news-events/ics-advisories/icsa-25-184-01 |
By continuously monitoring new threats and working closely with vendors, CISA aims to fortify industrial control environments against increasingly sophisticated cyberattacks.
Users and administrators should review these advisories promptly and implement recommended actions to safeguard operational technology assets and maintain resilient industrial operations.