Advantech DeviceOn/iEdge

Plan Patch8.8ICS-CERT ICSA-25-310-01Nov 6, 2025

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

Advantech DeviceOn/iEdge versions 2.0.2 and earlier contain multiple vulnerabilities including cross-site scripting (CWE-79) and path traversal (CWE-22) that could allow an authenticated attacker to execute remote code, read arbitrary files, or cause denial of service. The vulnerabilities are exploitable from the network with low complexity and require valid user credentials.

What this means

What could happen

An attacker with valid DeviceOn/iEdge credentials could run arbitrary commands on the device, read sensitive configuration files, or crash the service, potentially disrupting remote device management and monitoring for connected industrial assets.

Who's at risk

This affects organizations using Advantech DeviceOn/iEdge for remote management and monitoring of industrial devices and control systems. Primary concern is water utilities, electric utilities, and manufacturers relying on DeviceOn/iEdge for centralized asset management and OT network visibility. The product is end-of-life.

How it could be exploited

An attacker with network access and valid user credentials would authenticate to the DeviceOn/iEdge web interface. The attacker could then inject malicious payloads via the web interface to exploit cross-site scripting or traverse the file system to access configuration files and sensitive data. With successful exploitation of code execution paths, the attacker could execute arbitrary commands on the DeviceOn/iEdge host.

Prerequisites

Network access to the DeviceOn/iEdge web interface (typically port 80/443)
Valid DeviceOn/iEdge user account credentials

Remotely exploitableRequires valid credentials (low barrier)Low attack complexityNo patch available for end-of-life productAffects device management and visibility infrastructure

Exploitability

Low exploit probability (EPSS 0.2%)

Affected products (1)

ProductAffected VersionsFix Status

DeviceOn/iEdge: <=2.0.2≤ 2.0.2No fix (EOL)

Remediation & Mitigation

0/4

Do now

0/3

HOTFIXUpgrade to Advantech DeviceOn (current version), which is not vulnerable to these vulnerabilities

WORKAROUNDRestrict network access to DeviceOn/iEdge to authorized users and management networks only using firewall rules

HARDENINGEnsure DeviceOn/iEdge is not directly accessible from the internet; place it behind a firewall and isolate from business networks

Mitigations - no patch available

0/1

DeviceOn/iEdge: <=2.0.2 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGIf remote access to DeviceOn/iEdge is required, use a VPN to create an encrypted tunnel and require multi-factor authentication

CVEs (4)

CVE-2025-64302 CVE-2025-62630 CVE-2025-59171 CVE-2025-58423

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e4ab40c6-e9e3-42f3-be65-d961b2ba1f69