ICSA-15-265-02
·
Published 2025-06-09
·
View on CISA ICS-CERT ↗
IBC Solar ServeMaster Source Code Vulnerability
CVSS 9.8
CRITICAL
CVEs (3)
Remediations
- Upgrade to a source that prevents disclosure of source code.
- Upgrade to a source that does not store passwords in plaintext.
- Never insert untrusted data except in allowed location.
- Additional steps are available in the pdf available from the NSA (https://www.nsa.gov/ia/_files/factsheets/xss_iad_factsheet_final_web.pdf)
Affected Vendors
IBC Solar
Affected Products (2)
IBC Solar
·
ServeMaster TLP+
vers:all/*
IBC Solar
·
Danfoss TLX Pro+
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more