ICSA-26-006-01 · Published 2026-01-06 · View on CISA ICS-CERT ↗

Columbia Weather Systems MicroServer

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to redirect connections to an attacker controlled device, gain admin access to the web portal, or gain limited shell access.

CVEs (3)

CVE-2025-61939 CVE-2025-64305 CVE-2025-66620

Remediations

Columbia Weather Systems recommends users update the MicroServer firmware to version MS_4.1_14142 or later. To obtain the update, users should contact Columbia Weather Systems Support directly via email or phone (503-629-0887) for assistance.

Affected Vendors

Columbia Weather Systems

Affected Products (1)

Columbia Weather Systems · MicroServer firmware <MS_4.1_14142

Affected Sectors

Information Technology

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more