ICSA-25-352-02
·
Published 2025-12-18
·
View on CISA ICS-CERT ↗
Schneider Electric EcoStruxure Foxboro DCS Advisor
CVSS 9.8
CRITICAL
CISA KEV — Known Exploited
CVEs (1)
Remediations
- Patch KB5070882 from Microsoft includes a fix for this vulnerability and is available for download directly from WSUS. Reboot may be required to complete patch update. Customers should contact and work with [Global Customer Support](https://pasupport.se.com/home) to verify update has been completed.
- Patch KB5070884 from Microsoft includes a fix for this vulnerability and is available for download directly from WSUS. Reboot may be required to complete patch update. Customers should contact and work with [Global Customer Support](https://pasupport.se.com/home) to verify update has been completed.
Affected Vendors
Microsoft
Schneider Electric
Affected Products (4)
Microsoft
·
Windows Server 2016
<10.0.14393.8524
Microsoft
·
Windows Server 2016
10.0.14393.8524
Microsoft
·
Windows Server 2022
<10.0.20348.4297
Microsoft
·
Windows Server 2022
10.0.20348.4297
Affected Sectors
Critical Manufacturing, Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more