Sunday, October 19, 2025

Review – Public ICS Disclosures – Week of 10-11-25 – Part 2

For Part 2 we have 11 additional vendor disclosures from Phoenix Contact (2), Rockwell Automation (2), Schneider, Sick (2), Supermicro, and Westermo (3). We have 20 bulk updates from Schneider (5) and Siemens (15). We have three additional vendor updates from B&R Automation, CODESYS, and HP. Finally, we have four researcher reports describing vulnerabilities in products from Red Lion and Ilevia (3).

Advisories

Phoenix Contact Advisory #1 - Phoenix Contact published an advisory that describes four vulnerabilities in their QUINT4-UPS EIP uninterruptible power supplies.

Phoenix Contact Advisory #2 - Phoenix Contact published an advisory that describes a code injection vulnerability in their CHARX SEC-3xxx charging controllers.

Rockwell Advisory #1 - Rockwell published an advisory that describes an uncaught exception vulnerability in their Compact GuardLogix 5370 product.

Rockwell Advisory #2 - Rockwell published an advisory that describes two vulnerabilities in their 1715 EtherNet/IP Comms Module.

Schneider Advisory - Schneider published an advisory that describes an allocation of resources without limits or throttling vulnerability in their EcoStruxure OPC UA Server Expert and EcoStruxure Modicon Communication Server products.

Sick Advisory #1 - Sick published an advisory that describes 18 vulnerabilities in their Enterprise Analytics and Logistic Analytics products.

Sick Advisory #2 - Sick published an advisory that discusses 28 vulnerabilities in their Endress+Hauser SSG-E210GC. These are third-party vulnerabilities.

Supermicro Advisory - Supermicro published an advisory that discusses an improper access control vulnerability.

Westermo Advisory #1 - Westermo published an advisory that describes a cleartext transmission of sensitive information vulnerability in their RADIUS Server Groups.

Westermo Advisory #2 - Westermo published an advisory that describes a cleartext transmission of sensitive information vulnerability in their WeOS 5.

Westermo Advisory #3 - Westermo published an advisory that describes an improper restriction of communications channel to expected endpoints vulnerability in their WeOS 5.

Bulk Updates

Schneider

Multiple Altivar Process Drives and Communication Modules,

Modicon Controllers M241 / M251, M258 / LMC058 and M262,

Modicon M241 / M251 / M258 / LMC058,

FlexNet Publisher Vulnerability, and

Modicon Controllers M241 / M251 / M258 / LMC058

Siemens

Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices,

Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs,

Multiple Vulnerabilities in User Management Component (UMC),

Deserialization Vulnerability in Siemens Engineering Platforms,

Denial of Service Vulnerabilities in User Management Component (UMC),

Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices,

Deserialization Vulnerability in Siemens Engineering Platforms,

Buffer Overflow Vulnerability in RUGGEDCOM ROS Devices,

Improper Integrity Check of Firmware Updates in SiPass integrated AC5102 / ACC-G2 and ACC-AP,

DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery,

Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1,

XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT,

Multiple Vulnerabilities in RUGGEDCOM ROS Devices,

Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs, and

Heap-based Buffer Overflow Vulnerability in User Management Component (UMC).

Updates

B&R Update - B&R published an update for their System Diagnostic Manager advisory that was originally published on October 7th, 2025.

CODESYS Update - CODESYS published an update for their Control V3 advisory that was originally published on August 4th, 2025, and most recently updated on September 1st, 2025.

HP Update - HP published an update for their Intel 2024.3 IPU advisory that was originally published on October 24th, 2024, and most recently updated on March 31st, 2025.

Researcher Reports

Red Lion Report - Claroty published a report describing two vulnerabilities in the Red Lion Sixnet RTUs.

Ilevia Reports - Zero Science published four reports describing vulnerabilities in the Ilevia EVE X1 Server. The reports include links to exploits.

 

For more information on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-568 - subscription required.
