MegaSys Enterprises Telenium Online Web Application

Plan PatchCVSS 9.8ICS-CERT ICSA-25-273-01Sep 30, 2025

Oil & gas

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Telenium Online Web Application versions 8.4.21 and earlier are vulnerable to unauthenticated command injection via crafted HTTP requests. An attacker can inject arbitrary operating system commands that execute on the server with the privileges of the web application service account, leading to remote code execution. This affects oil and gas organizations using the application for SCADA operations, monitoring, or control.

What this means

What could happen

An attacker could inject and execute arbitrary commands on the Telenium Online Web Application server without authentication, potentially compromising the entire system, accessing sensitive data, or disrupting oil and gas operations that depend on this application for control or monitoring.

Who's at risk

Oil and gas companies using Telenium Online Web Application for SCADA operations, data acquisition, or remote monitoring. Any organization that uses this application for operational visibility or control should prioritize this immediately, especially if the application is exposed to untrusted networks.

How it could be exploited

An attacker on the network (or internet if the web application is exposed) sends a crafted HTTP request containing operating system commands. The web application fails to sanitize the input and passes the commands directly to the operating system, executing them with the privileges of the web service account.

Prerequisites

Network access to the Telenium Online Web Application HTTP/HTTPS port (typically 80 or 443)
No authentication required

remotely exploitableno authentication requiredlow complexityhigh CVSS score (9.8)

Exploitability

Some exploitation risk — EPSS score 1.6%

Affected products (1)

ProductAffected VersionsFix Status

Telenium Online Web Application: <=8.4.21≤ 8.4.21Fix available

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDRestrict network access to the Telenium Online Web Application to only authorized users and systems; do not expose the application to the internet

HARDENINGIf remote access is required, route all traffic through a VPN and apply IP-based access controls at your firewall

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Telenium Online Web Application to version 8.4.22 or later

Long-term hardening

0/1

HARDENINGIsolate the Telenium Online Web Application on a separate network segment from your business network and critical control system devices

CVEs (1)

CVE-2025-10659

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/d061c032-4a24-49cb-beac-d9a04d01ee04

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.