Primary

Context

IDIS ICM Viewer Argument Injection Vulnerability Allowing Arbitrary Code Execution

Vulnerability

An argument injection vulnerability has been identified in IDIS ICM Viewer version 1.6.0.10. This vulnerability could allow an attacker to execute arbitrary code on the host machine where the application is running.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the host machine.

Remediation

Users are advised to upgrade to IDIS ICM Viewer version 1.7.1. For those not using ICM Viewer, it is recommended to uninstall the program immediately. CISA also suggests minimizing network exposure for control system devices and using firewalls to isolate them from business networks.

Added: Nov 6, 2025, 6:08 PM

Updated: Nov 6, 2025, 9:40 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IDIS ICM Viewer Argument Injection Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating