Review – 3 Advisories and 3 Updates Published – 7-15-25

Today CISA’s NCCIC-ICS published three control system security advisories for products from LITEON, ABB, and Hitachi Energy. They also updated three previously published advisories for products from Schneider.

Advisories

LITEON Advisory - This advisory describes a cleartext storage of a password vulnerability in the LITEON IC48A and IC80A EV chargers.

ABB Advisory - This advisory describes four vulnerabilities in the ABB web UI REST Interface.

Hitachi Energy Advisory - This advisory describes the six vulnerabilities in the Hitachi Energy Asset Suite products.

Updates

Schneider Update #1 - This update provides additional information on the Uni-Telway Driver advisory that was originally published on March 11^th, 2025.

Schneider Update #2 - This update provides additional information on the Modicon Controllers advisory that was originally published on May 20^th, 2025.

Schneider Update #3 - This update provides additional information on the EcoStruxure advisory that was originally published on February 6^th, 2025, and most recently updated on March 6^th, 2025.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-and-3-updates-published - subscription required.