← Back to home
ICSA-15-286-01  ·  Published 2025-06-09  ·  View on CISA ICS-CERT ↗

Nordex NC2 XSS Vulnerability

CVSS 6.1 MEDIUM

CVEs (1)

Remediations

  • The patching of the NC2-SCADA system has to be done by Nordex.
  • Nordex will upgrade all wind farms with a valid service contract to the patched version of the NC2-SCADA in coordination with normal maintenance operations.
  • Owners of Nordex NC2-based wind farms without a valid service contract can order the patch from Nordex by contacting their local Nordex service organization.

Affected Vendors

Nordex

Affected Products (1)

Nordex · Nordex Control 2 (NC2) SCADA <16

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more