ICONICS Suite SCADA servers, used across various critical sectors, suffered from vulnerabilities that remained unpatched for an extended period. Despite available patches, these high-severity flaws—especially CVE-2024-7587, CVE-2024-1182, CVE-2024-8299, CVE-2024-8300, and CVE-2024-9852—posed risks such as escalation of privileges, denial of service (DoS), and potentially full system compromise. These issues, identified by Palo Alto Networks' Unit 42, could allow attackers to conduct phantom DLL hijacking and enable lateral movement, evading endpoint detection and response systems in industrial control systems, threatening the integrity of crucial services provided by governmental, military, and private sector entities.
Source: https://www.scworld.com/brief/vulnerable-iconics-scada-software-still-prevalent-despite-patches
"id": "ico538031125",
"linkid": "iconics",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"