
CISA Issues New ICS Advisories Addressing Vulnerabilities and Exploits for Enhanced Cybersecurity Awareness

On August 26, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released three advisories covering vulnerabilities in widely used Industrial Control Systems (ICS) products. The advisories address security flaws in INVT Electric’s engineering tools, Schneider Electric’s Modicon controllers, and Danfoss refrigeration systems, with CVSS v4 base scores reaching as high as 8.7. The vulnerabilities allow remote code execution or denial of service (DoS), posing significant risk to the organisations that run the affected products. CISA strongly recommends that affected organisations apply vendor patches as soon as they are available and, in the meantime, minimise network exposure of control systems so that they are not reachable from the internet.

The first advisory, ICSA-25-238-01, details nine vulnerabilities in INVT Electric’s VT-Designer and HMITool engineering software. These vulnerabilities, tracked as CVE-2025-7223 through CVE-2025-7231, primarily involve out-of-bounds write and type confusion conditions in file parsing. An attacker can exploit them with minimal user interaction, for example by convincing an engineer to open a crafted project file, to execute arbitrary code with the privileges of the user running the tool. Advisory ICSA-25-238-03 covers a vulnerability in Schneider Electric’s Modicon M340 controllers that allows a remote attacker to trigger a DoS condition on the controller through crafted FTP commands. Schneider Electric has released firmware updates for some of the affected modules; INVT Electric has not responded to CISA, so users of VT-Designer and HMITool currently have no vendor fix and must rely on mitigations such as not opening untrusted project files. 

Categories: Industrial Control Systems Vulnerabilities, Remote Code Execution and Denial of Service, Vendor Patch Management 

Tags: CISA, ICS, Vulnerabilities, INVT, Schneider Electric, Modicon, Remote Code Execution, Denial of Service, CVSS, Patches 
