CISA disclosed multiple critical vulnerabilities across industrial control systems from Fuji Electric, Delta Electronics, Survision, Radiometrics, and IDIS, raising urgent concerns for manufacturing, aviation, and commercial facility operators. The batch includes CVE-2025-54496, CVE-2025-54526, CVE-2025-58317, CVE-2025-12108, CVE-2025-61945, CVE-2025-54863, and CVE-2025-61956, covering heap and stack buffer overflows, missing authentication for critical functions, and exposed API keys across HMI software, license plate recognition cameras, CNC configuration tools, weather systems, and video platforms.

What's brutal: several Radiometrics VizAir vulnerabilities carry CVSS v3.1 and v4 scores of 10.0, reflecting complete remote takeover potential. Unauthenticated access to admin panels and an exposed REST API key allow remote attackers to alter weather parameters, disable alerts, manipulate runway assignments, and flood airports with false warnings, creating real-world safety risks for pilots and air traffic control. Survision LPR cameras ship with missing authentication on configuration wizards by default, enabling full system access without credentials in many deployments.

The flaws span classic memory corruption, missing authentication, and exposed credentials. Fuji Electric Monitouch V-SFT-6 is exposed to arbitrary code execution if operators open crafted project files. Delta CNCSoft-G2's stack-based buffer overflow allows attackers to execute code in the context of engineering workstations handling malicious configuration data. For VizAir, manipulated weather data or runway configuration changes translate directly into halted operations, misrouted cargo, and hazardous runway conditions.
🎯CORTEX Protocol Intelligence Assessment
Business Impact: Radiometrics VizAir vulnerability chains, together with weaknesses in Fuji Electric, Delta Electronics, Survision, and IDIS platforms, expose critical manufacturing lines, traffic systems, and aviation operations to disruption, safety incidents, and regulatory scrutiny. Manipulated weather data or license plate recognition feeds can translate directly into halted operations, misrouted cargo, and hazardous runway conditions.

Technical Context: The disclosed ICS flaws span classic memory corruption, missing authentication, and exposed credentials, giving attackers multiple pathways from crafted project files and malicious firmware to full administrative control. CVSS 10.0 scores for VizAir's unauthenticated admin access and API key exposure underscore how poor identity controls in legacy ICS products magnify the impact of otherwise simple web and configuration vulnerabilities.
⚡Strategic Intelligence Guidance
- Map all Fuji Electric Monitouch, Delta CNCSoft-G2, Survision LPR, Radiometrics VizAir, and IDIS ICM deployments, prioritizing systems in aviation, manufacturing, and transportation for immediate patching.
- Enforce strong authentication and role-based access control on all ICS management interfaces, disabling default accounts, enabling configuration passwords, and enforcing client certificate authentication where available.
- Isolate ICS networks from corporate IT and the public internet using firewalls, one-way gateways where feasible, and tightly controlled VPN access with multi-factor authentication for remote engineers.
- Integrate ICS-specific detections into SOC monitoring, including alerts for unexpected configuration changes, unauthorized admin logins, and unusual API calls to weather and camera systems.
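The detections named in the last item can be prototyped as simple rules over normalized events before they are ported to a SIEM. The sketch below is an added example, not code from CISA or any of the vendors; the event schema, asset names, engineering subnet, change window, and rate threshold are all assumptions to be replaced with site values.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# Site-specific assumptions, not vendor values: tune these to your environment.
ENGINEERING_NETS = [ip_network("10.20.30.0/24")]  # hosts allowed to administer ICS assets
CHANGE_HOURS = range(2, 4)                        # approved change window, 02:00-03:59
API_CALLS_PER_MINUTE = 3                          # ceiling per source and asset

def ev(ts, asset, src, action, auth=True):
    """Build one event in this example's own normalized schema."""
    return {"ts": ts, "asset": asset, "src": src, "action": action, "auth": auth}

# Constructed sample data; asset names and addresses are made up.
SAMPLE_EVENTS = [
    ev("2025-11-05T02:15:07", "hmi-01", "10.20.30.15", "config_change"),
    ev("2025-11-05T13:40:11", "lpr-cam-07", "10.20.30.15", "config_change"),
    ev("2025-11-05T13:41:02", "wx-01", "198.51.100.23", "admin_access", auth=False),
] + [ev(f"2025-11-05T13:42:{s:02d}", "wx-01", "198.51.100.23", "api_call")
     for s in (1, 9, 20, 41)]

def detect(events):
    """Return sorted, de-duplicated (rule, asset, source) alerts."""
    alerts, api_rate = set(), Counter()
    for e in events:
        trusted = any(ip_address(e["src"]) in net for net in ENGINEERING_NETS)
        hour = int(e["ts"][11:13])
        key = (e["asset"], e["src"])
        if e["action"] == "admin_access":
            if not e["auth"]:
                alerts.add(("unauthenticated_admin_access", *key))
            elif not trusted:
                alerts.add(("admin_access_from_untrusted_source", *key))
        elif e["action"] == "config_change":
            if not (trusted and hour in CHANGE_HOURS):
                alerts.add(("unexpected_config_change", *key))
        elif e["action"] == "api_call":
            if not trusted:
                alerts.add(("api_call_from_untrusted_source", *key))
            bucket = (*key, e["ts"][:16])  # same asset, source and minute
            api_rate[bucket] += 1
            if api_rate[bucket] > API_CALLS_PER_MINUTE:
                alerts.add(("api_call_burst", *key))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(*alert)
```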
CVEs
CVE-2025-54496, CVE-2025-54526, CVE-2025-58317, CVE-2025-12108, CVE-2025-61945, CVE-2025-54863, CVE-2025-61956
Vendors
Fuji Electric, Delta Electronics, Survision, Radiometrics, IDIS
Threats
Radiometrics VizAir vulnerability, ICS remote code execution, Missing authentication in LPR cameras
Targets
Critical manufacturing sector, Commercial facilities sector, Aviation weather and runway systems