Serial number: AV25-187
Date: April 7, 2025
Between March 31 and April 6, 2025, CISA published ICS advisories to address vulnerabilities in the following products:
- ABB ACS880 Drives ACS880 Primary Control Program AINLX – versions prior to v3.47
- ABB ACS880 Drives ACS880 Primary Control Program YINLX – versions prior to v1.30
- ABB ACS880 Drives ACS880 IGBT Supply Control Program AISLX – versions prior to v3.43
- ABB ACS880 Drives ACS880 IGBT Supply Control Program ALHLX – versions prior to v3.43
- ABB ACS880 Drives ACS880 IGBT Supply Control Program YISLX – versions prior to v1.30
- ABB ACS880 Drives ACS880 IGBT Supply Control Program YLHLX – versions prior to v1.30
- ABB ACS880 Drives ACS880 Position Control Program APCLX – version v1.04.0.5 and prior
- ABB ACS880 Drives ACS880 Test Bench Control Program ATBLX – version v3.44.0.0 and prior
- ABB DCT880 and DCS880 memory unit – all versions
- B&R APROL – versions prior to 4.4-01, version 4.4-00P1 and prior and version 4.4-00P5 and prior
- Hitachi Energy RTU500 series CMU – multiple versions
- Hitachi Energy TRMTracker – versions 6.3.0, 6.3.01 and version 6.2.04 and prior
- Rockwell Automation Industrial Data Center (IDC) with Veeam – generations 1 to 5
- Rockwell Automation Versavirtual Appliance with Veeam – series A to C
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.