ICSA-10-348-01A
·
Published 2025-06-17
·
View on CISA ICS-CERT ↗
Wonderware InBatch Vulnerability
CVSS 10.0
CRITICAL
CVEs (1)
Remediations
- Invensys recommend that users of Wonderware InBatch and I/A Series Batch take the following mitigation steps: Install the patch located at (http://iom.invensys.com/EN/Pages/IOM_CyberSecurityUpdates.aspx)
- Install the patch when it is released. ICS-CERT will provide an update to this Advisory when a patch is released. Minimize network exposure for all control system devices. Control system devices should not directly face the Internet.ICS-CERT ALERT, (http://www.us-cert.gov/control_systems/pdf/ICS-Alert-10-301-01.pdf). Control system networks and devices should be located behind firewalls and isolated from the business network. Access to TCP Port 9001 should be restricted. If remote access is required, secure methods such as virtual private networks (VPNs) should be utilized.
- Invensys provides information and useful links related to their security updates at their Cyber Security Updates site.
Affected Vendors
Invensys
Affected Products (3)
Invensys
·
Wonderware InBatch 8.1 - InBatch Server
vers:all/*
Invensys
·
Wonderware InBatch 9.0 - InBatch Server
vers:all/*
Invensys
·
I/A Series Batch 8.1 - I/A Series Batch Server
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more