[Control systems] CISA ICS security advisories (AV25–111)

Serial number: AV25-111
Date: March 3, 2025

Between February 24 and March 2, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

  • Dario Health Dario Application Database and Internet-based Server Infrastructure – all versions
  • Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Applications – version 5.8.7.0.36 and prior
  • Rockwell Automation PowerFlex 755 – version 16.002.279 and prior
  • Schneider Electric Modicon M580 communication modules BMECRA BMECRA31210 – all versions
  • Schneider Electric Modicon M580 communication modules BMENOC BMENOC0321 – versions prior to SV1.10
  • Schneider Electric Modicon M580/Quantum communication modules BMXCRA BMXCRA31200 – all versions
  • Schneider Electric Modicon M580/Quantum communication modules BMXCRA BMXCRA31210 – all versions
  • Schneider Electric Modicon Quantum communication modules 140CRA 140CRA31200 – all version
  • Schneider Electric Modicon Quantum communication modules 140CRA 140CRA31908 – all versions

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: