← Back to home
ICSA-14-303-01  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Nordex NC2 XSS Vulnerability

CVSS 7.5 HIGH

CVEs (1)

Remediations

  • Nordex will release a patch for all affected NC2-SCADA versions until the end of 2014. The patching of the NC2-SCADA system has to be done by Nordex.
  • Nordex will upgrade all wind farms with a valid service contract to the patched version of the NC2-SCADA in coordination with normal maintenance operations.
  • Owners of Nordex NC2-based wind farms without a valid service contract can order the patch from Nordex by contacting their local Nordex service organization.

Affected Vendors

Nordex

Affected Products (1)

Nordex · Nordex Control 2 (NC2) SCADA <=V15

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more