CVE-2025-0921
Published May 15, 2025
Last updated 8 months ago
- Description
- Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00, Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric MC Works64 all versions, and Mitsubishi Electric GENESIS version 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
- Source
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 4
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
- Severity
- MEDIUM
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
- CWE-250
- Hype score
- Not currently trending
Unit 42 identified CVE-2025-0921 in Iconics Suite, a supervisory control and data acquisition (SCADA) system. Successful exploitation may lead to a denial-of-service attack. Understand how privileged file system vulns are pertinent to an OT context: https://t.co/wa60k8X0Kt
@cu1993
5 Mar 2026
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0921 は、監視制御およびデータ収集(SCADA)システムである Iconics Suite で確認されました。悪用に成功すると、サービス拒否攻撃につながる可能性があります。詳しくはこちら: https://t.co/EJLB62QLNy https://t
@unit42_jp
19 Feb 2026
681 Impressions
3 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
🛡️ التقرير الأسبوعي للأحداث السيبرانية – ثغرة في نظام ملفات ذي امتيازات عالية تؤثر على نظام SCADA: Iconics Suite ⚠️ الفئة: ثغرة 📝 ملخص الحادثة: يتناول هذا الت
@GMashari
3 Feb 2026
79 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
We identified CVE-2025-0921 in Iconics Suite, a supervisory control and data acquisition (SCADA) system. Successful exploitation may lead to a denial-of-service attack. Understand how privileged file system vulns are pertinent to an OT context: https://t.co/ckLutdHxGA https://t.c
@Unit42_Intel
2 Feb 2026
4200 Impressions
14 Retweets
33 Likes
13 Bookmarks
0 Replies
0 Quotes
【リンク集:1月30日〜2月2日のセキュリティ関連ニュース/記事】 <脆弱性> ・三菱電機のSCADAシステムに特権ファイルシステムの脆弱性が見つかる(CVE-2025-0921) https://t.co/cAFqT2ltTx <マルウェア・その他脅
@MachinaRecord
2 Feb 2026
276 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0921 in Mitsubishi Electric Iconics Suite v10.97.2 and earlier. Privileged file system operations can trigger DoS. CVSS 6.5. Patch immediately or implement service privilege restrictions. Source: https://t.co/OiteTXiVgi
@marcgiammarco
1 Feb 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alert: A new SCADA vulnerability (CVE-2025-0921) could lead to DoS attacks in industrial systems. Ensure your systems are patched and secure. Link: https://t.co/kxD8GhpsNW #Vulnerability #Security #SCADA #Cyber #Patch #Industrial #DoS #Systems #Mitigation #Threat #Technology http
@dailytechonx
1 Feb 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical SCADA Flaw CVE-2025-0921 Hits Global Industrial Systems Critical SCADA vulnerability CVE-2025-0921 exposes global industrial systems ... #CyberSecurity https://t.co/VN8HkiXNgD
@ctrlaltnod
31 Jan 2026
87 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
自動車やエネルギー分野などで使われるSCADA製品Iconics Suiteに、サービス停止を引き起こす恐れのある脆弱性が見つかった。産業制御システムの可用性に影響する点が懸念されている。 問題の脆弱性はCVE-2025-09
@yousukezan
31 Jan 2026
1191 Impressions
1 Retweet
9 Likes
3 Bookmarks
0 Replies
1 Quote
SCADAシステムであるIconics Suiteに、サービス拒否(DoS)を引き起こす可能性がある中程度の深刻度の脆弱性(CVE-2025-0921)が発見されました。この脆弱性は、自動車、エネルギー、製造業などの幅広い分野で導入さ
@omomuki_tech
31 Jan 2026
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Unit 42 detailed CVE-2025-0921, a privileged file system flaw in the Iconics Suite SCADA system, which could cause a DoS attack. https://t.co/Z819WsjM6q
@Cyber_O51NT
31 Jan 2026
694 Impressions
4 Retweets
12 Likes
1 Bookmark
1 Reply
0 Quotes
🚨 𝐏𝐫𝐢𝐯𝐢𝐥𝐞𝐠𝐞𝐝 𝐅𝐢𝐥𝐞 𝐒𝐲𝐬𝐭𝐞𝐦 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐏𝐫𝐞𝐬𝐞𝐧𝐭 𝐢𝐧 𝐚 𝐒𝐂𝐀𝐃𝐀 𝐒𝐲𝐬𝐭𝐞𝐦 • A vulnerability (CVE-2025-0921, CVSS 6.5) im
@PurpleOps_io
31 Jan 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Urgent SCADA Alert! A new Privileged File System Vulnerability (CVE-2025-0921) in Iconics Suite could grant attackers full control over critical industrial systems. High severity, patch now! #SCADAsafety #CybersecurityAlert https://t.co/GyelFLjDhV
@xcybersecnews
31 Jan 2026
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Unit 42 Details CVE-2025-0921 in ICONICS/GENESIS64: Privileged File Ops Can Brick SCADA Hosts Unit 42 analyzed CVE-2025-0921 (CVSS 6.5) in Mitsubishi Electric ICONICS Suite/GENESIS64 where a privileged Pager Agent workflow can be abused to perform unsafe file-system
@ThreatSynop
31 Jan 2026
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes