CVE-2025-9365: Deserialization flaw in Fuji FRENIC-Loader 4 (patch 1.4.0.1)

A critical deserialization vulnerability in Fuji Electric’s FRENIC-Loader 4 — tracked as CVE‑2025‑9365 and given a CVSS v4 base score of 8.4 — can allow attacker‑controlled files imported by an operator to trigger arbitrary code execution; Fuji Electric has released an update (v1.4.0.1 or later) and CISA has published an advisory urging rapid remediation and network hardening. (fujielectric.com)

---

Background / Overview​

FRENIC‑Loader 4 is a PC utility used to manage and program a broad range of Fuji Electric AC drive products. The tool is widely used in industrial and building‑automation environments where engineering workstations and technicians exchange project and configuration files with drives and controllers. Fuji Electric’s product pages and documentation show that FRENIC‑Loader is distributed as part of support materials for AC drives and is an expected component of many maintenance and engineering toolchains. (fujielectric.com)
On September 2, 2025, CISA published an ICS advisory describing a deserialization of untrusted data vulnerability in FRENIC‑Loader 4 (versions prior to 1.4.0.1). CISA’s advisory assigns CVE‑2025‑9365 and highlights a CVSS v3.1 base score of 7.8 and a CVSS v4 base score of 8.4, with local attack vector requirements but low attack complexity and no privileges required. The advisory also notes that exploitation requires user interaction (opening or importing a crafted file) but that the outcome can be full arbitrary code execution.
This advisory is significant because engineering workstations and loader tools routinely handle project files from vendors, contractors, and third‑party partners — a realistic supply‑chain and social‑engineering path for attackers.

---

What the vulnerability is (technical summary)​

Deserialization of untrusted data — CWE‑502 explained​

• Deserialization is the process of converting a serialized data stream (bytes) back into program objects or structures.
• Unsafe deserialization occurs when an application accepts serialized input from an untrusted source and reconstitutes objects without validating type, fields, or allowed classes. That can enable an attacker to craft payloads that cause the runtime to instantiate unexpected objects or follow "gadget" call paths that lead to code execution.
• In FRENIC‑Loader 4 the unsafe deserialization happens when the application imports files through the specified import window; a crafted file can contain object forms that the loader will deserialize and execute or otherwise process in a manner that leads to arbitrary code execution.

Attack vector and preconditions​

• Attack vector: Local — the attacker must place a crafted file where an authenticated user can open or import it in FRENIC‑Loader 4. The CVSS v4 vector classifies this as AV:L.
• Privileges: None required — the vulnerability does not require the attacker to have elevated privileges on the target host (PR:N).
• User interaction: Required — exploitation requires a user to open or import the malicious file (UI:A).
• Complexity: Low — no special environment beyond getting the file to the target is required (AC:L).
• Impact: High — successful exploitation can provide arbitrary code execution in the context of the logged‑in user, with confidentiality, integrity, and availability impacts rated high.

These properties make the bug a classic post‑delivery exploitation path: the initial foothold can arrive via email attachments, shared network folders, USBs, or vendor transit files.

---

Risk Evaluation — real‑world implications​

Why this matters for industrial environments​

• Engineering workstations often run with elevated access to OT systems and may have accounts and network paths that enable pushing configurations or firmware to drives and controllers. If an attacker executes arbitrary code under those user contexts, they can pivot into OT networks, change device parameters, overwrite firmware, or install persistence mechanisms.
• Supply‑chain and partner exchanges are common in industrial settings: contractors or OEMs send project files and configuration templates that are routinely opened on engineering machines. This makes file‑based deserialization vectors particularly potent.
• Human factors: operators and technicians are expected to trust vendor files and often bypass strict checks during maintenance windows; this increases the likelihood that a crafted file will be opened.

Likely attack scenarios​

• Targeted intrusion: adversary sends a spear‑phishing message or uploads a malicious project file to a shared repository used by plant engineers. An engineer opens the file in FRENIC‑Loader and the payload executes, creating an initial foothold.
• Contractor compromise: a third‑party engineering vendor’s systems are compromised and their legitimate project files become a distribution channel for malicious payloads submitted to customers.
• Lateral movement and escalation: once code runs on an engineering host, attackers use stolen credentials, available tools, and network access to reach PLCs, drive controllers, or supervisory systems.

Because the vulnerability is not remotely exploitable in the sense of pre‑auth network RCE, exploitation requires at least some human participation or local write access. That reduces the immediate mass‑scan risk but does not eliminate real danger to high‑value targets.

---

What Fuji Electric and CISA recommend now​

• Patch: Fuji Electric recommends updating FRENIC‑Loader 4 to v1.4.0.1 or later. Applying the vendor patch is the primary mitigation. (fujielectric.com)
• Network hardening: CISA reiterates standard ICS defenses — ensure control system devices and engineering workstations are not directly accessible from the Internet, isolate OT networks behind firewalls, and segregate OT and corporate networks.
• Secure remote access: use VPNs or other secure remote access methods when remote connectivity is required, and keep those remote access solutions patched and monitored.
• Operational caution: restrict use of engineering workstations for e‑mail or web browsing; validate files from third parties before opening on production machines.
• Impact analysis: perform a business‑level impact and risk assessment before rolling patches into live control environments to avoid operational disruptions.

---

Critical analysis — strengths and limitations of current guidance​

Strengths​

• The vendor has produced a fix (v1.4.0.1), which is the most effective remediation for unsafe deserialization.
• CISA’s advisory provides clear risk context and reiterates accepted ICS hardening practices, which helps operators prioritize mitigations.
• The vulnerability’s exploit path requires local file placement and user action, creating opportunities for procedural defenses (file scanning, user awareness, restricted file exchanges).

Limitations and practical risks​

• Patching engineering tools in live OT environments can be non‑trivial: updates may change behavior, break custom scripts, or require validation against bespoke automation; many operators delay patching for operational continuity.
• The local attack vector (AV:L) does not prevent adversaries from delivering the payload through realistic supply‑chain or physical access paths; USBs, vendor shares, and spear‑phishing remain practical.
• Detection and telemetry may be limited: many industrial operations do not run host‑level EDR or don't retain adequate logs on engineering machines, making hunts and post‑incident forensics difficult.
• The advisory notes no public in‑the‑wild exploitation reported at publication, but that should not be conflated with low risk — historically, file‑triggered flaws often begin in targeted campaigns before wider adoption by cybercriminals.

---

Recommendations for operators and IT/OT teams​

Immediate (within 72 hours)​

• Inventory: identify all engineering workstations, servers, and locations where FRENIC‑Loader 4 is installed; document versions.
• Patch planning: obtain v1.4.0.1 from Fuji Electric, and plan controlled deployment — test patches in a lab or staging environment before production rollout. (fujielectric.com)
• Block risky file paths: restrict or monitor inbound file transfers to engineering machines; temporarily block external network shares and unvetted USB use where operationally possible.
• Endpoint protections: ensure endpoint protection on engineering hosts is up to date; enable execution prevention features where feasible.

Near term (1–2 weeks)​

• File handling policies: require validation, checksumming, or administrative review of any third‑party project files before they are opened on systems with FRENIC‑Loader.
• Logging and detection: enable and centralize endpoint and application logging for engineering workstations; watch for process spawns, unexpected child processes, or unsigned binaries executed by loader processes.
• Least privilege: run FRENIC‑Loader under a non‑privileged local account where practical, and avoid giving loader users domain‑admin or wide OT privileges.
• Network segmentation: verify that engineering workstations are logically separated from critical control networks and that jump servers or bastion hosts mediate any required access.

Medium term (30–90 days)​

• Application allow‑listing: implement allow‑listing on engineering hosts so only approved binaries and scripts can run.
• Replace fragile workflows: reduce reliance on ad‑hoc file exchanges by implementing secure artifact repositories with content scanning.
• Supplier security: include file validation and secure transfer requirements in procurement/contract language for third‑party vendors and integrators.

---

Detection guidance — indicators of potential exploitation​

• Unexpected child processes or command shells spawned by the loader process.
• Network connections from engineering workstations to unexpected external hosts shortly after file import actions.
• New or modified scheduled tasks, services, drivers, or persistence artifacts created by user accounts that typically do not perform such actions.
• Creation of unknown files in application directories immediately after opening/importing project files.
• Anti‑malware alerts tied to opened project files or related payloads.

Operators should collect memory and disk images from suspected hosts and preserve timestamps and original files for analysis. Because exploitation yields arbitrary code execution, forensic timelines should include user activity (file open events), process creation events, and any post‑compromise network activity.

---

Patch deployment best practices (safe rollout)​

• Test first: install v1.4.0.1 on a representative engineering workstation or in a lab that mirrors production workflows; verify that all automation scripts, device templates, and device communications behave identically.
• Staged rollout: patch a small set of non‑critical workstations first and monitor for errors for 48–72 hours before broader deployment.
• Change control: schedule updates during maintenance windows and maintain rollback plans (backup of pre‑patch images or snapshots).
• Vendor verification: download patches only from official vendor channels and validate digital signatures or checksums when provided. (fujielectric.com)

---

For defenders focused on Windows environments (practical notes)​

• Many engineering workstations in industrial settings run Windows. Apply Windows‑specific mitigations:
• Enable Windows Defender (or a reputable EDR) with script‑blocking and exploit‑mitigation features.
• Turn on Windows’ Controlled Folder Access or AppLocker where compatible with operations.
• Harden Microsoft Office and browser settings to block automatic downloads and script execution from untrusted sources.
• Limit local administrative rights — users running with admin privileges increase the blast radius of file‑based RCE.
• Use SMB/NFS share monitoring to detect suspicious file placements and anomalous write patterns from vendor accounts.

---

Longer‑term fix strategies vendors should adopt (why deserialization keeps recurring)​

• Replace insecure serialization libraries or ensure strict allow‑list deserialization: only permit deserialization of whitelisted classes and types.
• Treat file import formats as potentially hostile: always implement input validation, size controls, and strict parsing logic that fails safely.
• Adopt secure software development lifecycle (SSDLC) practices that include fuzz testing and static analysis focused on deserialization and object‑instantiation paths.
• Provide deterministic upgrade paths and clear change logs for engineering tools used in OT contexts to reduce operator friction in applying security updates.

---

Closing assessment​

CVE‑2025‑9365 in FRENIC‑Loader 4 is a high‑impact, file‑based vulnerability that maps onto classic supply‑chain and human‑interaction attack patterns familiar to both nation‑state and cybercriminal actors. While the attack requires a crafted file and local user action, the environment where FRENIC‑Loader runs — engineering workstations with privileged access to devices and networks — significantly magnifies the consequences of a successful exploit. The vendor patch (v1.4.0.1) is the correct first step; rapid, tested deployment combined with tighter file handling and segmentation will materially reduce risk. (fujielectric.com)
Operators should treat this advisory as an urgent operational risk: inventory instances of FRENIC‑Loader 4, prioritize patch testing, and apply both technical and procedural mitigations to reduce the probability that a crafted file reaches an unpatched, high‑value engineering host. Doing so closes the immediate exploit path and raises the bar significantly for attackers aiming to pivot into OT environments.

---

Source: CISA Fuji Electric FRENIC-Loader 4 | CISA