ICS Critical Vulnerabilities - 20250813006

Overview

The WASOC has observed multiple advisories for Industrial Control Systems (ICS) related vendors.

What is vulnerable?

Product(s) Affected	CVE	CVSS	Severity
Siemens	CVE-2025-40746	9.3	Critical
MegaSys Computer Technologies	CVE-2025-8769	9.8	Critical
Santesoft	CVE-2025-54156	9.1	Critical

Recommendation

The WA SOC recommends administrators review the advisory and apply the recommended actions to all affected devices.

• Siemens: https://cert-portal.siemens.com/productcert/html/ssa-493787.html
• CISA: https://www.cisa.gov/news-events/alerts/2025/08/12/cisa-releases-seven-industrial-control-systems-advisories