Industrial Control Systems: Recent Updates Address Security Vulnerabilities

In response to emerging threats, administrators managing industrial control systems (ICS) from major manufacturers such as Delta Electronics, National Instruments, and Samsung are urged to promptly implement the latest updates. These updates address multiple security vulnerabilities that, if left unpatched, could allow attackers to execute malicious code on critical infrastructure systems.

ICS play a vital role in controlling sensitive processes within essential services, and any breaches in this area could lead to severe consequences. The Cybersecurity & Infrastructure Security Agency (CISA) has issued warnings regarding these vulnerabilities, emphasizing the importance of swift action from system administrators.

One of the most affected systems is National Instruments' graphical programming environment, LabVIEW. Reports indicate that there are five high-severity vulnerabilities (CVE-2025-2633, CVE-2025-2634, CVE-2025-7361, CVE-2025-7848, CVE-2025-7849) that could be exploited by attackers to push and execute malicious code on systems, potentially resulting in complete system compromise. Attackers might achieve this by provoking memory errors through unspecified methods, allowing them to run their own code. The developers assert that LabVIEW 2025 Q3 has been fortified against these threats.

Delta Electronics also faces security challenges with its DTN Soft application, which contains a high-severity vulnerability (CVE-2025-53416) that could allow the injection of harmful code. Users are advised to update to the patched versions DTN Soft 2.1.0 and DTM Soft 1.6.0.0 to mitigate risks.

Additionally, Samsung's HVAC DMS software management platform has multiple vulnerabilities that could be exploited. Attackers could potentially delete files (CVE-2025-53082) and execute malicious code (CVE-2025-53078). Administrators are encouraged to contact Samsung support to obtain the necessary security patches.

With cyber threats becoming increasingly sophisticated, ensuring that all industrial control systems are up to date with the latest security measures is crucial for safeguarding critical infrastructure from potential attacks.