ICSA-15-267-01
·
Published 2025-06-09
·
View on CISA ICS-CERT ↗
Endress+Hauser Fieldcare/CodeWrights HART Comm DTM XML Injection Vulnerability
CVSS 8.3
HIGH
CVEs (1)
Remediations
- Update to the latest version.
- Endress+Hauser and CodeWrights have provided their own security advisories and patches. (Endress+Hauser: https://portal.endress.com/webdownload/FieldCareDownloadGui/)
- Asset owners using FieldCare or CodeWright HART Comm DTMs should update their software to the newest version. (http://www.codewrights.de/index.php/en/downloads/software)
Affected Vendors
Endress+Hauser
Affected Products (1)
Endress+Hauser
·
All HART DTM components relying on Fieldcare and CodeWrights HART Comm DTM
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more