OTPulse
FeedAboutContact

IDIS ICM Viewer

Plan Patch8.8ICS-CERT ICSA-25-308-05Nov 4, 2025
Attack VectorNetwork
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

IDIS ICM Viewer versions up to v1.6.0.10 contain a command injection vulnerability (CWE-88) that allows an authenticated attacker to execute arbitrary code on the system where the application is installed. Successful exploitation could grant an attacker full control of the affected machine. The vulnerability is fixed in version 1.7.1.

What this means
What could happen
An attacker with valid credentials could execute arbitrary code on any machine running ICM Viewer, potentially taking control of the surveillance or monitoring system and disrupting operational visibility.
Who's at risk
Operators and security teams at water utilities, municipalities, and industrial sites that rely on IDIS ICM Viewer for surveillance, monitoring, or control system visibility should assess whether this software is in use in their environment.
How it could be exploited
An attacker with valid login credentials can authenticate to ICM Viewer and exploit a command injection vulnerability (CWE-88) to execute arbitrary code on the local system. This requires the attacker to have legitimate user credentials and network access to the ICM Viewer application.
Prerequisites
  • Valid ICM Viewer user credentials
  • Network access to the ICM Viewer application
  • ICM Viewer v1.6.0.10 or earlier installed
Remotely exploitableRequires valid credentialsArbitrary code executionAffects operational visibility and control
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
ICM Viewer: v1.6.0.10v1.6.0.101.7.1
Remediation & Mitigation
0/2
Do now
0/1
WORKAROUNDUninstall ICM Viewer immediately if the application is not actively used in your operation
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade ICM Viewer to version 1.7.1 or later following instructions at https://icm.idisglobal.com
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/783495ff-5fb2-46be-88fe-62387f75e56f