Here is a summary of the CISA ICS advisory ICSA-25-212-01 for the Güralp FMUS Series Seismic Monitoring Devices, published on July 31, 2025:
For further details and proactive cybersecurity strategies, consult the full ICS-CERT Advisory.
Source: CISA CISA Releases Two Industrial Control Systems Advisories | CISA
1. Executive Summary
- CVSS v4 Score: 9.3 (Critical)
- Vendor: Güralp Systems
- Equipment: Güralp FMUS Series Seismic Monitoring Devices (All versions)
- Vulnerability: Missing Authentication for Critical Function
- CVE ID: CVE-2025-8286
- Exploitable: Remotely, with low attack complexity.
2. Risk Evaluation
- Impact: Successful exploitation allows an attacker to modify hardware configurations, manipulate data, or factory reset the device.
3. Technical Details
- Vulnerability Details:
- The affected devices expose an unauthenticated Telnet-based command line interface.
- This allows attackers, without authentication, to make critical configuration changes, manipulate device data, or reset the device.
4. Mitigations
- Vendor Coordination: Güralp did not respond to CISA’s coordination attempts.
- Recommendations:
- Contact Güralp and keep systems up to date.
- Minimize network exposure for all control system devices; do not make them accessible from the internet.
- Place control system networks and remote devices behind firewalls and isolate them from business networks.
- Use secure methods (such as VPNs) for remote access, but keep them updated and recognize VPN limitations.
- Conduct proper risk assessments before deploying measures.
- No Known Exploitation: No public exploitation reported as of publication.
5. Background
- Sectors: Critical Manufacturing
- Deployment: Worldwide
- HQ Location: United Kingdom
- Researcher: Reported by Souvik Kandar of MicroSec
References
For further details and proactive cybersecurity strategies, consult the full ICS-CERT Advisory.
Source: CISA CISA Releases Two Industrial Control Systems Advisories | CISA
