ASKI Energy ALS-Mini-S8 and ALS-Mini-S4

Source: All CISA Advisories | Added:

A critical vulnerability has been identified in ASKI Energy's ALS-mini-S4 and ALS-mini-S8 IP controllers, allowing unauthorized access to device configurations due to missing authentication. The vulnerability, assigned CVE-2025-9574, has a CVSS score of 9.9, indicating high severity and potential for exploitation.

---

Impact: ASKI Energy ALS-mini-S4, ASKI Energy ALS-mini-S8

In the Wild: No

Age: Newly disclosed

Remediation: Ensure the product is not exposed to the public internet, use firewalls to control network traffic, monitor access, and physically disconnect the ethernet port if not in use.

Read Full Original Article →