← Back to home
ICSA-26-050-02  ·  Published 2026-02-19  ·  View on CISA ICS-CERT ↗

Valmet DNA Engineering Web Tools

CVSS 8.6 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an unauthenticated attacker to manipulate the web maintenance services URL to achieve arbitrary file read access.

CVEs (1)

Remediations

  • Valmet has issued a fix for the reported vulnerability. Valmet recommends users reach out directly to their automation customer service group to obtain assistance with the fix: https://www.valmet.com/contact/.
  • For additional information, refer to Valmet's security advisory regarding this issue: https://www.valmet.com/company/innovation/advisories/CVE-2025-15577/.

Affected Vendors

Valmet

Affected Products (1)

Valmet · Valmet DNA Engineering Web Tools <=C2022

Affected Sectors

Critical Manufacturing, Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more