ICSA-25-238-01 · Published 2025-08-26 · View on CISA ICS-CERT ↗

INVT VT-Designer and HMITool

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code in the context of the current process.

CVE-2025-7223 CVE-2025-7224 CVE-2025-7225 CVE-2025-7226 CVE-2025-7227 CVE-2025-7228 CVE-2025-7229 CVE-2025-7230 CVE-2025-7231

INVT did not respond to CISA's attempt to coordinate these vulnerabilities. Users should contact INVT for more information.

INVT

INVT · VT-Designer 2.1.13

INVT · HMITool 7.1.011

Commercial Facilities, Critical Manufacturing, Energy, Information Technology, Transportation Systems

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.