ICSA-25-310-01 · Published 2025-11-06 · View on CISA ICS-CERT ↗

Advantech DeviceOn/iEdge

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could result in a denial-of-service condition, remote code execution, or an attacker reading arbitrary files.

CVEs (4)

CVE-2025-64302 CVE-2025-62630 CVE-2025-59171 CVE-2025-58423

Remediations

Advantech has stated that the listed products are end-of-life, and recommends all users upgrade their devices to DeviceOn, which is not vulnerable to these vulnerabilities. For further questions or upgrade assistance, users should contact Advantech.

Affected Vendors

Advantech

Affected Products (1)

Advantech · DeviceOn/iEdge <=2.0.2

Affected Sectors

Information Technology

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more