The Cyber Security Agency of Singapore (CSA) has publicly issued an alert regarding a critical security flaw discovered in multiple Advantech IoT and edge computing products, urging users and administrators to take immediate action to mitigate potential risks.
Overview of the Vulnerability
Advantech has acknowledged a critical SQL injection vulnerability, identified as CVE-2025-52694, and has released updates to address it. With a CVSS 3.1 base score of 10.0, the flaw is rated at maximum severity and poses a significant risk if left unpatched.
This vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on vulnerable systems that are exposed to the Internet, potentially leading to data compromise, system disruption, or unauthorized access—issues particularly concerning for industrial and Internet of Things (IoT) infrastructures.
Products Affected
The CSA alert specifies that several Advantech products are impacted if they are running outdated versions. These include:
- IoTSuite SaaSComposer (versions prior to 3.4.15)
- IoTSuite Growth Linux Docker (versions prior to V2.0.2)
- IoTSuite Starter Linux Docker (versions prior to V2.0.2)
- IoT Edge Linux Docker (versions prior to V2.0.2)
- IoT Edge Windows (versions prior to V2.0.2)
Such components are commonly used in industrial IoT deployments, cloud-based device management, and edge computing environments, making the vulnerability a critical concern for organisations relying on these platforms.
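To check an asset inventory against the list above, the following added example (not code from CSA or Advantech) flags hosts running versions below the fixed releases. The `host,product,version` inventory format, the hostnames, and the status labels are assumptions made for illustration. Versions are compared numerically, because a plain string comparison would rank 3.4.9 above 3.4.15.

```python
import re

# Fixed versions taken from the affected-products list above.
FIXED = {
    "IoTSuite SaaSComposer": "3.4.15",
    "IoTSuite Growth Linux Docker": "V2.0.2",
    "IoTSuite Starter Linux Docker": "V2.0.2",
    "IoT Edge Linux Docker": "V2.0.2",
    "IoT Edge Windows": "V2.0.2",
}

# Constructed sample inventory (host, product, installed version); not real data.
SAMPLE_INVENTORY = """\
edge-gw-01,IoT Edge Linux Docker,V2.0.1
edge-gw-02,IoT Edge Linux Docker,v2.0.10
scada-ui-01,IoTSuite SaaSComposer,3.4.9
scada-ui-02,IoTSuite SaaSComposer,3.4.15
hmi-07,IoT Edge Windows,unknown
hist-01,Some Other Product,1.0
"""

def parse_version(text):
    """Return a tuple of ints for 'V2.0.2' / '3.4.15', or None if unparsable."""
    m = re.fullmatch(r"[vV]?(\d+(?:\.\d+)*)", text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def triage(inventory_text):
    """Classify each row as VULNERABLE, PATCHED, REVIEW or NOT_LISTED."""
    results = {}
    for line in inventory_text.splitlines():
        if not line.strip():
            continue
        host, product, version = (f.strip() for f in line.split(",", 2))
        fixed = FIXED.get(product)
        if fixed is None:
            results[host] = "NOT_LISTED"  # product is not named in the alert
            continue
        installed = parse_version(version)
        if installed is None:
            results[host] = "REVIEW"      # version not recorded: check by hand
        elif installed < parse_version(fixed):
            results[host] = "VULNERABLE"
        else:
            results[host] = "PATCHED"
    return results

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Hosts marked REVIEW have no usable version on record and need manual verification before they can be treated as patched.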
Immediate Mitigation Actions
To reduce the risk of exploitation, the CSA strongly recommends that all affected users update to the latest patched versions of these products without delay.
- For SaaSComposer, Growth Linux Docker, and IoT Edge Windows, updated releases are available directly through Advantech’s official channels.
- For Starter Linux Docker and Edge Linux Docker, updated packages can be downloaded from Advantech’s designated download portals.
Updating ensures that the vulnerable SQL endpoints are properly secured against malicious actors seeking to exploit this weakness.
Acknowledgements and Responsible Disclosure
The CSA’s alert credits Mr Loi Nguyen Thang from the HCMUTE Information Security Club for discovering the vulnerability and responsibly disclosing it. The coordinated response between the researcher, Advantech, and the CSA underscores the importance of collaborative cybersecurity efforts to protect critical infrastructure.
What This Means for Organisations
This alert reinforces a broader trend in cybersecurity: critical vulnerabilities continue to emerge in widely deployed enterprise and IoT platforms. Keeping software up to date is essential as attackers often scan for known high-severity flaws soon after disclosure. Similar alerts have covered other high-impact vulnerabilities in enterprise systems earlier in 2026.
Key takeaways for IT and security professionals:
- Prioritise patching of high-severity vulnerabilities immediately.
- Maintain an inventory of all networked devices, including IoT and edge systems.
- Subscribe to official advisories from cybersecurity authorities (e.g., CSA) to stay informed.
