Mitsubishi Electric ICONICS Products Affected by Critical Vulnerabilities (CVE-2025-25164)
CISA warns of severe flaws in Mitsubishi Electric ICONICS and related products, enabling DoS, data tampering, and information disclosure risks.
Mitsubishi Electric ICONICS Products Vulnerable to Critical Exploits (CVE-2025-25164)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed critical vulnerabilities in Mitsubishi Electric ICONICS digital solutions and related products, which could lead to denial-of-service (DoS) attacks, information tampering, and unauthorized data disclosure. The advisory (ICSA-25-352-04), published on December 18, 2024, highlights risks to operational technology (OT) environments.
Technical Details
The vulnerabilities affect multiple versions of Mitsubishi Electric ICONICS software, including:
- GENESIS64
- GENESIS32
- Hyper Historian
- AnalytiX
- Energy AnalytiX
- ReportWorX
- MobileHMI
The primary flaw, tracked as CVE-2025-25164, stems from improper input validation, allowing attackers to exploit the software remotely with low complexity. Successful exploitation could disrupt industrial processes, manipulate sensitive data, or expose confidential information.
CISA’s advisory includes a Common Security Advisory Framework (CSAF) document detailing mitigation steps and affected product versions. Security teams are urged to review the CSAF file for technical specifications.
Impact Analysis
These vulnerabilities pose significant risks to industrial control systems (ICS) and critical infrastructure sectors relying on Mitsubishi Electric ICONICS for monitoring and automation. A successful attack could:
- Disrupt operations via DoS conditions.
- Alter or delete critical data, leading to safety or compliance violations.
- Exfiltrate sensitive information, including proprietary process data or credentials.
Given the low attack complexity, organizations must prioritize patching or implementing compensating controls to mitigate exposure.
Recommendations
CISA advises affected organizations to:
- Apply patches provided by Mitsubishi Electric as soon as they become available.
- Restrict network access to vulnerable systems, particularly from untrusted zones.
- Monitor for suspicious activity using ICS-specific intrusion detection systems (IDS).
- Review the CSAF advisory for version-specific guidance and workarounds.
For further details, refer to the official CISA advisory.