CISA Releases Two New ICS Advisories Exploits Following Vulnerabilities
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
The Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories<\/a>, addressing critical vulnerabilities in Delta Electronics CNCSoft-G2 and Rockwell Automation GuardLogix controllers.\u00a0<\/p>\n These advisories highlight exploitable flaws in systems widely used in manufacturing, energy, and critical infrastructure sectors.\u00a0<\/p>\n The disclosures underscore escalating risks to operational technology (OT) environments, where successful exploitation could enable remote code execution, denial-of-service (DoS)<\/a> attacks and operational disruption.<\/p>\n The Delta Electronics CNCSoft-G2 advisory details four memory corruption vulnerabilities (CVE-2024-39880 to CVE-2024-39883) affecting versions prior to 2.1.0.10.\u00a0<\/p>\n These flaws, discovered by Trend Micro\u2019s Zero Day Initiative (ZDI), stem from improper validation of user-supplied data in the parsing of DPAX files\u2014a proprietary format used in computer numerical control (CNC) systems.\u00a0<\/p>\n Attackers can exploit these vulnerabilities by tricking users into opening malicious files or visiting compromised web pages, leading to:<\/p>\n All vulnerabilities carry a CVSS v4 base score of 8.4, reflecting high exploitability and impact.\u00a0<\/p>\n Mitigation requires updating to CNCSoft-G2 v2.1.0.10 and isolating control systems from untrusted networks.<\/p>\n The Rockwell Automation GuardLogix 5380 and 5580 advisory addresses CVE-2025-24478, a DoS vulnerability<\/a> in firmware versions prior to V33.017, V34.014, V35.013, and V36.011.<\/p>\n The flaw arises from improper handling of exceptional conditions in CIP (Common Industrial Protocol) message processing.\u00a0<\/p>\n Remote, non-privileged attackers can send malicious requests to trigger a major nonrecoverable fault (MNRF), forcing controllers into a halted state and requiring manual reinitialization.<\/p>\n With a CVSS v3.1 score of 6.5 and v4 score of 7.1, the vulnerability poses significant risks to industrial automation systems reliant on continuous operation.\u00a0<\/p>\n Rockwell recommends updating firmware, restricting network access via CIP Security, and implementing VPNs for remote connections.<\/p>\n CISA emphasizes proactive measures to mitigate risks:<\/p>\n The advisories arrive amid heightened scrutiny of OT security following high-profile attacks on critical infrastructure.\u00a0<\/p>\n As noted<\/a> in CISA\u2019s alert, \u201cThese vulnerabilities could be exploited by threat actors to disrupt essential services, emphasizing the need for rapid remediation\u201d.<\/p>\n CISA\u2019s latest advisories highlight persistent vulnerabilities in industrial control systems, urging immediate action to safeguard critical infrastructure.\u00a0<\/p>\n Exploits require low attack complexity, so organizations must prioritize firmware updates<\/a>, network hardening, and adherence to frameworks like NIST SP 800-82 for ICS security.\u00a0<\/p>\n As adversarial tactics evolve, collaboration between vendors, auditors, and federal agencies remains critical to maintaining resilience in an increasingly connected industrial landscape.<\/p>\n The post CISA Releases Two New ICS Advisories Exploits Following Vulnerabilities<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nDelta Electronics CNCSoft-G2 Vulnerabilities (ICSA-24-191-01)<\/strong><\/h2>\n
\n
Rockwell Automation GuardLogix Controllers (ICSA-25-035-02)<\/strong><\/h2>\n
Mitigation Strategies and Broader Implications<\/strong><\/h2>\n
\n