← Back to home
ICSA-25-336-02  ·  Published 2025-12-02  ·  View on CISA ICS-CERT ↗

Iskra iHUB and iHUB Lite

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow a remote attacker to reconfigure devices, update firmware, and manipulate connected systems without any credentials.

CVEs (1)

Remediations

  • Iskra did not respond to CISA's request for coordination. Contact Iskra using their contact page for more information.

Affected Vendors

Iskra

Affected Products (1)

Iskra · iHUB and iHUB Lite vers:all/*

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more