Industrial giants Siemens and Schneider Electric have released their March 2025 Patch Tuesday ICS security advisories. The cybersecurity agency CISA has also published two advisories.
Schneider Electric has published three new advisories to inform customers about three vulnerabilities affecting EcoStruxure products.
The most serious is a critical issue in Power Automation System User Interface and Microgrid Operation Large that can be exploited by an attacker to execute commands when the default password has not been changed.
The other vulnerabilities are a high-severity authentication bypass that can allow an attacker to take control of the EcoStruxure Power Automation System User Interface, and a medium-severity sensitive information disclosure issue in EcoStruxure Panel Server.
Siemens has published 11 new advisories, including several that describe critical vulnerabilities.
One of them is CVE-2024-56336, which is related to an unlocked bootloader in the Sinamics S200 servo drive system. It allows an attacker to inject malicious code or install untrusted firmware on a device.
A critical vulnerability has also been patched in the SiPass controller, which can be exploited to escalate privileges and execute arbitrary commands with root permissions. A high-severity privilege escalation flaw has also been patched in this product.
Critical and high-severity vulnerabilities that can allow authentication bypass have been fixed in Simatic, Industrial Edge for Machine Tools, Simit, and other products that use OPC UA.
Several OpenVPN issues, including critical flaws that allow arbitrary code execution, have been addressed in Sinema Remote Connect Client. A less serious OpenVPN issue has been addressed in Scalance devices.
Siemens has also informed customers about high-severity BIOS vulnerabilities in Simatic devices, and multiple potentially serious issues in Scalance LPE9403 products. Several high-severity vulnerabilities related to file parsing have been patched in Teamcenter Visualization and Tecnomatix Plant Simulation.
CISA published two new ICS advisories on Tuesday. One of them describes three vulnerabilities in two Optigo Networks capture tools. They include a critical authentication bypass flaw, and two high-severity issues that can allow an attacker to generate JWT sessions and impersonate the web application service and mislead victim clients.
The second advisory describes a Schneider Electric Uni-Telway Driver vulnerability that the vendor patched in February.
Related: ICS Patch Tuesday: Vulnerabilities Addressed by Schneider Electric, Siemens
Related: ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA