The October 2025 Patch Tuesday has brought advisories from several major ICS/OT vendors, including Siemens, Schneider Electric, Rockwell Automation, ABB, Phoenix Contact, and Moxa.
Siemens has published six new advisories, including two that describe critical vulnerabilities. One of them is a critical flaw in TeleControl Server Basic, which could allow an unauthenticated, remote attacker to obtain user password hashes. The attacker can then log in and perform unauthorized operations.
The second critical bug is an authentication issue impacting Simatic ET 200SP communication processors. An unauthenticated, remote attacker can exploit the vulnerability to access configuration data.
Several high- and medium-severity issues have been found in Siemens SiPass, which allow an unauthenticated remote attacker to exploit user accounts, manipulate data, impersonate users, or execute arbitrary code on the server.
In Solid Edge, Siemens patched four high-severity vulnerabilities that can lead to an application crash or arbitrary code execution if the attacker can convince the victim to open specially crafted files. All issues were reported to the industrial giant by researcher Michael Heinzl.
The company has also informed customers that a Chrome vulnerability known to have been exploited in the wild impacts HyperLynx and Industrial Edge App Publisher products. In addition, customers have been told about an SQL injection flaw in Sinec NMS that allows an authenticated attacker to insert malicious data and escalate privileges.
Schneider Electric has published only one new advisory. It describes a high-severity EcoStruxure OPC UA Server Expert product vulnerability that can be exploited to cause a DoS condition.
Rockwell Automation has published seven new advisories. One advisory has an overall severity rating of 'critical'. It addresses three flaws in the 1783-NATR configurable NAT router, including one that can be exploited to cause a DoS condition, take control of admin accounts, and modify NAT rules.
The remaining advisories address high-severity issues. Two privilege escalation flaws allowing an attacker to gain access to files, processes and system resources have been resolved in FactoryTalk Linx.
A couple of other advisories address FactoryTalk product vulnerabilities. One informs customers about patches for FactoryTalk View Machine Edition and PanelView Plus 7 flaws allowing attackers to delete files or gain unauthorized access to the product. The second advisory covers a DoS issue in FactoryTalk ViewPoint.
Rockwell has also released patches for DoS vulnerabilities in the 1715 EtherNet/IP Communications Module, Compact GuardLogix 5370 controllers, and ArmorStart distributed motor controllers.
The cybersecurity agency CISA has published its own advisory for the Rockwell 1715 EtherNet/IP vulnerabilities.
Phoenix Contact this week released two new advisories. One describes several vulnerabilities in QUINT4 UPS devices that can allow an unauthenticated, remote attacker to conduct DoS attacks and gather login credentials. The second advisory describes a vulnerability in the firmware of CHARX SEC-3xxx charging controllers that can be exploited for command injection with root privileges.
Germany’s CERT@VDE has picked up the Phoenix Contact advisories, and it has also published an advisory for a Murrelektronik product issue that exposes sensitive information.
ABB published only one advisory on Patch Tuesday, but released several others in recent days. The Patch Tuesday advisory covers three medium-severity B&R Automation Runtime SDM issues allowing session takeover, code execution, and the injection of formula data into a CSV file.
The other recent advisories describe security holes in MConfig (cleartext password dumping), Automation Runtime (DoS), and EIBPORT (XSS).
Moxa published two advisories this month, on October 9. The company announced patches for hardcoded SSH private key and encryption-related issues in TRC-2190 series products.