
CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits

Jun 30, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) released two critical advisories addressing significant vulnerabilities in Industrial Control Systems (ICS) that impact vital sectors, including manufacturing, energy, transportation, and healthcare.

The advisories highlight security flaws in KUNBUS GmbH’s Revolution Pi industrial PC and MicroDicom’s DICOM Viewer software, urging immediate action to mitigate risks associated with these vulnerabilities.

The Revolution Pi, an open-source industrial PC based on the Raspberry Pi platform, is widely used for industrial automation due to its modularity and cost-effectiveness.

CISA’s advisory ICSA-25-121-01 identifies three critical vulnerabilities with high severity scores affecting the Revolution Pi OS Bookworm (01/2025) and PiCtory software versions 2.5.0 through 2.11.1.

These vulnerabilities pose a severe threat to critical infrastructure sectors by potentially allowing attackers to disrupt operations, manipulate safety systems, or cause operational downtime.

While no confirmed exploitation has been reported yet, the urgency for patching and securing affected systems is paramount.

The second advisory (ICSMA-25-121-01) concerns MicroDicom’s DICOM Viewer, a tool widely used in healthcare for medical imaging.

The vulnerability involves improper certificate validation (CWE-295), which could enable attackers positioned in a privileged network role to perform man-in-the-middle (MITM) attacks. This flaw allows modification of network traffic and delivery of malicious updates to users.

The vulnerability is identified as CVE-2025-1002 with a CVSS score of 5.7, indicating moderate severity. MicroDicom recommends updating to version 2025.2 or later to mitigate this risk.

CISA advises organizations to adopt multiple defensive measures to reduce exposure and risk.

Organizations should also monitor for suspicious activity and report incidents to CISA for a coordinated response.

The recent advisories underscore the critical need for robust cybersecurity practices in industrial and healthcare control systems.

As these systems increasingly integrate with IT networks and the internet, ensuring secure configurations, timely patching, and vigilant monitoring is essential to safeguard critical infrastructure and patient safety.

The KUNBUS Revolution Pi and MicroDicom vulnerabilities serve as a stark reminder that openness and innovation in industrial IoT must be balanced with stringent security measures to prevent potentially devastating cyberattacks.

Topics covered in the advisories:

KUNBUS GmbH Revolution Pi Vulnerabilities
  Missing Authentication for Critical Function (CWE-306)
  Authentication Bypass by Primary Weakness (CWE-305)
  Improper Neutralization of Server-Side Includes (SSI) (CWE-97)
MicroDicom DICOM Viewer Vulnerability
Mitigation Recommendations
Risk Factor Table for CISA May 2025 ICS Advisories