iba Systems ibaPDA

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to perform unauthorized actions on the file system.

CVEs (1)

Remediations

• iba Systems recommends users update to ibaPDA v8.12.1 or a later version.
• If Installing the update is not possible, iba Systems recommends users: Enable User Management:To activate user management, navigate to User Management settings under the Configure option. Set a password for the admin user to enable user management.
• Configure Server Access: To configure, open Server Access Manager (found under Configure in the ibaPDA Client). Set the configuration to restrict access. For example, only 127.0.0.1 (localhost) or specific system IP addresses to communicate with ibaPDA can connect to the ibaPDA Server. (In this example, only connections from localhost are permitted to access ibaPDA.)
• Restrict Connections to Localhost (if ibaPDA is only accessed from the system where it runs): 1) Go to I/O Manager, then General, and deactivate the option /"Automatically open necessary ports in Windows Firewall./" (If this option remains active, after a restart of ibaPDA or a restart for data acquisition, the firewall will be reconfigured automatically.) 2) Then, go to Advanced Windows Firewall settings and delete or deactivate all incoming rules for the ibaPDA Client and Server. 3) Manually create firewall rules for the connection used for ibaPDA and verify that the correct ports are configured. For assistance with identifying the ports used by the ibaPDA service can be found in the iba Help Center. 4) Note: After making the changes, verify that all ibaPDA services are operating as expected and that the data acquisition is functioning correctly.
• For more information you can view iba Systems advisory at https://www.iba-ag.com/de/security/iba-2025-04

Affected Vendors

Affected Products (1)

Affected Sectors

Critical Manufacturing