Introduction
Industrial control systems (ICS) from Rockwell Automation, Hitachi Energy [1] [3] [4] [5] [6], and Inaba Denki Sangyo are currently facing critical vulnerabilities with severity ratings as high as 9.9. These vulnerabilities pose significant risks to industries such as manufacturing and energy, necessitating immediate attention to patching and cybersecurity measures to protect essential operations.
Description
Multiple industrial control system (ICS) devices from Rockwell Automation, Hitachi Energy [1] [3] [4] [5] [6], and Inaba Denki Sangyo are impacted by critical vulnerabilities, with severity ratings reaching as high as 9.9. These vulnerabilities pose significant risks [3], including unauthorized access [1] [2] [3] [5], data breaches [2], denial-of-service attacks [2], and system disruptions [2], particularly affecting industries such as manufacturing and energy [2]. The urgent need for prompt patching and the implementation of robust cybersecurity measures is emphasized to safeguard essential industrial operations [6]. Users are strongly urged to address these vulnerabilities, which affect products including the Rockwell Automation Industrial Data Center (IDC) [1] [5], Veeam Backup and Replication [3] [4] [5], Hitachi Energy MicroSCADA Pro/X SYS600 [1] [3] [4] [5], and Inaba Denki Sangyo CHOCO TEI WATCHER mini-industrial cameras [1] [3] [5]. Organizations should consult vendor-specific guidance and ensure timely updates to protect their systems against potential exploitation [2].
The identified vulnerabilities are as follows:
- CVE-2025-23120: A deserialization of untrusted data vulnerability in Veeam Backup and Replication [5], which could allow for remote code execution in the Rockwell Automation Industrial Data Center (CVSS v3.1 score: 9.9) [5]. Successful exploitation could enable an attacker with administrative privileges to execute code on the target system [3], potentially compromising Manufacturing Execution Systems (MES) and Enterprise Resource Planning (ERP) systems [3].
- CVE-2025-25211: A weak password requirement vulnerability in Inaba Denki Sangyo CHOCO TEI WATCHER mini-industrial cameras, potentially enabling unauthorized access (CVSS v3.1 score: 9.8) [5].
- CVE-2025-26689: A forced browsing vulnerability in Inaba Denki Sangyo CHOCO TEI WATCHER mini-industrial cameras, which may lead to data tampering and modifications of product settings (CVSS v3.1 score: 9.8).
- CVE-2024-4872: An improper neutralization of special elements in data query logic vulnerability in Hitachi Energy MicroSCADA Pro/X SYS600, allowing for potential code injection (CVSS v3.1 score: 8.8) [5]. Exploitation could enable an attacker to inject code into persistent data [3], manipulate the file system [3] [4], hijack sessions [3], or conduct phishing attempts against users [3].
- CVE-2024-3980: A path traversal vulnerability in Hitachi Energy MicroSCADA Pro/X SYS600, which could facilitate file system manipulation and session hijacking (CVSS v3.1 score: 8.8) [5].
CISA emphasizes the importance of proactive cybersecurity measures, including applying patches [2], implementing network segmentation to limit potential damage [3], and enhancing system monitoring to improve the resilience of critical infrastructure against evolving cyber threats. Strong access controls and input validation are recommended to mitigate risks [3], and ongoing cybersecurity training for employees [3], particularly those working with Operational Technology (OT) systems [3], is essential to recognize phishing attempts and adhere to authentication procedures [3]. Organizations must ensure that critical ICS assets are not exposed to the Internet and are properly protected if remote access is necessary.
Conclusion
The vulnerabilities identified in ICS devices from Rockwell Automation, Hitachi Energy [1] [3] [4] [5] [6], and Inaba Denki Sangyo present significant risks to critical industries. Immediate action is required to apply patches and implement robust cybersecurity measures. Organizations must prioritize securing their systems to prevent unauthorized access and potential exploitation. Future efforts should focus on enhancing cybersecurity resilience through continuous monitoring, employee training, and adherence to best practices in access control and input validation.
References
[1] https://www.cyware.com/resources/threat-briefings/daily-threat-briefing/cyware-daily-threat-intelligence-april-11-2025
[2] https://gbhackers.com/cisa-issues-10-ics-advisories/
[3] https://cyble.com/blog/ics-vulnerability-report-energy-cyble/
[4] https://www.hackerpunk.it/blog/cyble-allerta-sulla-sicurezza-che-interessa-i-sistemi-industriali-ics/
[5] https://www.infosecurity-magazine.com/news/cyble-urges-critical-vulnerability/
[6] https://synergosconsultancy.co.uk/cybersecurity-alert-major-vulnerabilities-exposed-this-week/
