CISA Issues Alert on Vulnerabilities in Industrial Control Systems

Critical Vulnerabilities in Industrial Control Systems: CISA Advisories ICSA-25-091-01 and ICSA-24-331-04

CISA Issues Urgent Advisories on Critical Infrastructure Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two urgent advisories regarding vulnerabilities in Industrial Control Systems (ICS) that pose significant risks to critical infrastructure. The advisories, identified as ICSA-25-091-01 and ICSA-24-331-04, aim to alert organizations to current security threats and necessary mitigations.

The first advisory, ICSA-25-091-01, highlights a severe vulnerability in Rockwell Automation’s Lifecycle Services integrated with Veeam Backup and Replication. This flaw, a case of deserialization of untrusted data, has been assigned a CVSS v4 score of 9.4, which falls in the critical severity range. Attackers could potentially execute arbitrary code on affected systems, leading to complete system compromise. CISA urges organizations to minimize network exposure, use secure access methods like VPNs, and keep their systems updated to mitigate risks.

In the second advisory, ICSA-24-331-04, CISA addresses multiple vulnerabilities in Hitachi Energy’s MicroSCADA Pro/X SYS600 system, which is crucial for the manufacturing and energy sectors. The most critical flaw, CVE-2024-4872, has a CVSS v3 score of 9.9 and allows authenticated attackers to inject malicious code, compromising data integrity and enabling unauthorized access to sensitive functions. Other vulnerabilities could enable manipulation of files essential to system operations.

CISA emphasizes the importance of immediate action, urging users to implement mitigations and apply patches released by Hitachi Energy for affected versions. As cyber threats continue to evolve, organizations are reminded to stay vigilant and proactive in securing their critical infrastructure against potential attacks.
