[Control systems] CISA ICS security advisories (AV25–146)

Serial number: AV25-146
Date: March 17, 2025

Between March 10 and 16, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

  • Optigo Visual BACnet Capture Tool – version 3.1.2rc11
  • Optigo Visual Networks Capture Tool – version 3.1.2rc11
  • Phillips Intellispace Cardiovascular (ISCV) – versions prior to 4.1 and versions prior to 5.1
  • Schneider Electric Uni-Telway Driver – multiple models and all versions
  • Siemens BRAUMAT – all versions from V8.0 SPU but not including V8.1
  • Siemens Energy Manager Pro – multiple versions
  • Siemens Industrial Edge for Machine Tools – all versions
  • Siemens IPC DiagMonitor – all versions
  • Siemens Remote Connect Server – versions prior to V3.2 SP3
  • Siemens RUGGEDCOM RM1224 LTE(4G) – multiple models and versions
  • Siemens SCALANCE – multiple models and versions
  • Siemens SIMATIC Field PGs – multiple models and versions
  • Siemens SIMATIC IPC – multiple models and versions
  • Siemens SIMATIC ITP1000 – multiple models and versions
  • Siemens SIMATIC S7-1500 TM MFP - BIOS – all versions
  • Siemens SIMIT V11 – all versions
  • Siemens SINAMICS S200 – all versions
  • Siemens SINEMA Remove Connect Client – versions prior to V3.2 SP3
  • Siemens SISTAR – all versions from V8.0 SPU but not including V8.1
  • Siemens SiPass integrated AC5102 (ACC-G2) – multiple models and all versions
  • Siemens Teamcenter Visualization – multiple models and versions
  • Siemens Tecnomatix Plant Simulation – multiple models and versions
  • Siemens WinCC Unified V18 – all versions
  • Siemens WinCC Unified V19 – versions prior to V19 Update 4
  • Sungrow iSolarCloud Android App – versions prior to 2.1.6
  • Sungrow WiNet Firmware – all versions

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: