KUNBUS GmbH Revolution Pi (Update A)

Act Now10ICS-CERT ICSA-25-121-01May 1, 2025

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

KUNBUS Revolution Pi contains multiple authentication bypass and server-side include (SSI) execution vulnerabilities. Successful exploitation allows attackers to bypass authentication, gain unauthorized access to critical functions, and execute malicious SSI within web pages. Affected components include Revolution Pi OS Bookworm (up to 01/2025) and Revolution Pi PiCtory (versions 2.5.0 through 2.11.1).

What this means

What could happen

An attacker could bypass authentication and gain control of the Revolution Pi gateway, allowing them to modify I/O configurations, alter process setpoints, or disrupt communication between field devices and control systems without entering valid credentials.

Who's at risk

Water utilities and municipal electric providers using KUNBUS Revolution Pi gateways for I/O management and industrial protocol bridging. This affects organizations that rely on Revolution Pi for Modbus, Profibus, or other fieldbus-to-Ethernet gateway functions in SCADA systems.

How it could be exploited

An attacker with network access to the Revolution Pi web interface can send crafted requests to exploit the authentication bypass vulnerabilities and inject malicious server-side includes. This requires no prior credentials and could be performed from anywhere with network reachability to the device.

Prerequisites

Network access to the Revolution Pi web interface (typically port 80/443)
No authentication credentials required

Remotely exploitableNo authentication requiredLow complexityCVSS 10.0 (critical)Affects gateway/control system accessNo patch available yet for some products

Exploitability

Moderate exploit probability (EPSS 2.4%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

Revolution Pi OS Bookworm: <=01/2025≤ 01/202504/30/2025 or later

Revolution Pi PiCtory: <=2.11.1≤ 2.11.12.12 or later

Revolution Pi PiCtory: >=2.5.0|<=2.11.1≥ 2.5.0|≤ 2.11.12.12 or later

Remediation & Mitigation

0/5

Do now

0/2

WORKAROUNDImmediately enable authentication on Revolution Pi web interface until patches can be applied; refer to KUNBUS authentication activation guide

HARDENINGImplement network segmentation: isolate Revolution Pi behind firewall, restrict access from business networks and Internet

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate PiCtory package to version 2.12 via KUNBUS Cockpit management UI or direct package download

HOTFIXUpdate Revolution Pi OS Bookworm to the new image released 04/30/2025 or later

Long-term hardening

0/1

HARDENINGIf remote access is required, use VPN with current security updates

CVEs (4)

CVE-2025-24522 CVE-2025-32011 CVE-2025-35996 CVE-2025-36558

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/0ad173bd-cc09-4f36-b0f8-1273b487dd37