← Back to home
ICSA-25-210-02  ·  Published 2025-07-29  ·  View on CISA ICS-CERT ↗

Samsung HVAC DMS

CVSS 8.3 HIGH

Risk Summary

Successful exploitation of these vulnerabilities can lead to unauthenticated remote code execution.

CVEs (6)

Remediations

  • Samsung recommends users to contact a Samsung call center or installer for a software update.
  • This product is not intended to be connected to the Internet, so please disconnect it from the Internet. Refer to the following statement in the manual: "Use this product only in a separate dedicated network. Samsung Electronics is not liable for any problems caused by connecting it to the Internet or an intranet."

Affected Vendors

Samsung

Affected Products (3)

Samsung · Samsung HVAC DMS >=2.0.0|<2.3.13.0
Samsung · Samsung HVAC DMS >=2.5.0.17|<2.6.14.0
Samsung · Samsung HVAC DMS >=2.7.0.15|<2.9.3.5

Affected Sectors

Commercial Facilities, Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more