
Security Bulletin

George Sutton

Four Industrial Control Systems Warnings from CISA

November 7th, 2025

❓What:

On November 6, 2025, the Cybersecurity & Infrastructure Security Agency (CISA) released four Industrial Control Systems (ICS) advisories covering major vulnerabilities.

  • Adv. ICSA-25-310-01 (Advantech DeviceOn/iEdge): Devices from Advantech (DeviceOn/iEdge version ≤ 2.0.2) have vulnerabilities that allow someone to upload or manipulate configuration files, traverse directories, or execute commands.

  • Adv. ICSA-25-310-02 (Ubia Ubox): The Ubox (edge/IoT device) fails to adequately protect API credentials, meaning an attacker could connect to backend systems via the device.

  • Adv. ICSA-25-310-03 (ABB FLXeon Controllers): FLXeon controllers by ABB have multiple serious flaws (e.g., hard-coded credentials, remote code execution possibilities) making them a high-risk target in operational tech.

  • Adv. ICSA-25-282-01 (Hitachi Energy Asset Suite): Hitachi’s Asset Suite (industrial asset management software) has vulnerabilities that allow unauthorized data manipulation, injection of content, or other exploits in the asset-management environment.


⚠️Impact:

  • Operational / physical risk: Because these are ICS/OT (operational technology) systems, a breach isn’t just data theft—it could mean process disruption, unauthorized control of physical assets, or safety hazards.

  • Broad sector reach: The affected vendors span edge/IoT devices, controllers, asset-management platforms—so manufacturing, energy, facility operations, IoT/edge deployments all may be impacted.

  • Legacy/unsupported gear issue: For example, the Advantech advisory notes end-of-life status for some gear (no vendor fix), which makes mitigation harder and increases migration urgency.

  • Attack surface expansion: These flaws show how IoT/edge/OT devices continue to be exploited as entry points into broader industrial networks.


💡Recommendations:

  1. Inventory & identify

    • Find any systems in your environment matching the vendors/products: Advantech DeviceOn/iEdge (≤ v2.0.2), Ubia Ubox devices, ABB FLXeon controllers, Hitachi Energy Asset Suite.

    • Check firmware/versions and network exposure.

  2. Apply patches or mitigate

    • Where vendor fixes exist, apply them immediately.

    • For the Advantech end-of-life devices: plan for upgrade or replacement because patch support may be absent.

  3. Network segmentation & access control

    • Ensure ICS/OT devices are on isolated networks, not directly exposed to the internet or to corporate IT without controls.

    • Enforce least-privilege access and strong authentication; avoid default credentials.

  4. Legacy/unsupported device strategy

    • For devices that are no longer supported (EOL), escalate the risk and plan decommissioning or isolation.

  5. Monitoring & anomaly detection

    • Monitor for unusual behavior around these devices: unexplained configuration changes, unexpected access attempts, credential misuse.

    • Tune SOC/OT visibility to include edge device and OT network behaviors.

  6. Governance & stakeholder communication

    • Inform OT, facility, and engineering teams of these advisories.

    • Integrate into vulnerability management and patch-cycle workflows.

    • Perform risk assessments that map these vulnerabilities to your business/operational processes.
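
A sketch of the inventory step (recommendation 1), added here as an example and not taken from CISA or the advisories: it matches asset records against the four products named above and applies the only version bound this bulletin gives (Advantech DeviceOn/iEdge ≤ 2.0.2). The inventory field names, host names and sample records are hypothetical; products without a version bound on this page are marked for review against the full advisory.

```python
import re

# Advisory IDs/products from the bulletin; only Advantech has a version bound there.
ADVISORIES = [
    ("ICSA-25-310-01", ("advantech", "deviceon/iedge"), (2, 0, 2)),
    ("ICSA-25-310-02", ("ubia", "ubox"), None),
    ("ICSA-25-310-03", ("abb", "flxeon"), None),
    ("ICSA-25-282-01", ("hitachi energy", "asset suite"), None),
]

def parse_version(text):
    """Turn 'v2.0.2' or '2.0' into a comparable tuple; None if unparseable."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip().lower())
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))  # pad '2.0' to (2, 0, 0)

def match_asset(asset):
    """Return a finding for an asset matching a listed product, else None."""
    name = f"{asset['vendor']} {asset['product']}".lower()
    for advisory, keywords, max_affected in ADVISORIES:
        if all(k in name for k in keywords):
            version = parse_version(asset.get("version", ""))
            if max_affected is None or version is None:
                status = "review"  # no bound on the page, or version unknown
            elif version <= max_affected:
                status = "affected"
            else:
                status = "above-listed-range"
            return {"host": asset["host"], "advisory": advisory, "status": status,
                    "exposed": bool(asset.get("internet_facing"))}
    return None

def triage(inventory):
    """Matching assets, internet-facing first, then confirmed-affected."""
    findings = [f for f in map(match_asset, inventory) if f]
    return sorted(findings, key=lambda f: (not f["exposed"], f["status"] != "affected"))

# Constructed sample inventory; field names and hosts are hypothetical.
INVENTORY = [
    {"host": "edge-gw-01", "vendor": "Advantech", "product": "DeviceOn/iEdge", "version": "2.0.2"},
    {"host": "edge-gw-02", "vendor": "Advantech", "product": "DeviceOn/iEdge", "version": "v2.1"},
    {"host": "bms-ctl-07", "vendor": "ABB", "product": "FLXeon controller", "internet_facing": True},
    {"host": "hist-01", "vendor": "ExampleCorp", "product": "Historian", "version": "5.4"},
]

if __name__ == "__main__":
    print(*triage(INVENTORY), sep="\n")
```

An unknown or unparseable version is reported as "review" rather than treated as unaffected, so gaps in the inventory surface instead of hiding a match.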

Read the full alert from CISA HERE
