Review – 3 Advisories Published – 6-3-25

Today CISA’s NCCIC-ICS published three control system security advisories for products from Mitsubishi, and Schneider (2).

Advisories

Mitsubishi Advisory - This advisory describes an improper validation of specified index, position, or offset in input vulnerability in the Mitsubishi MELSEC iQ-F Series devices.

Schneider Advisory #1 - This advisory describes a stack-based buffer overflow vulnerability in the Schneider EcoStruxure Power Build Rapsody product.

Schneider Advisory #2 - This advisory discusses a classic buffer overflow vulnerability in the Schenider Wiser AvatarOn 6K Freelocate, and Wiser Cuadro H 5P Socket.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-6-3-25 - subscription required.