PatchSiren cyber security CVE debrief

CVE-2025-1283 Dingtian CVE debrief

CVE-2025-1283 affects the Dingtian DT-R0 series, including DT-R002, DT-R008, DT-R016, and DT-R032 in the versions named by CISA. The advisory says an attacker can bypass login requirements by directly navigating to the main page. CISA rates the issue CVSS 3.1 9.8 (critical) and states that no mitigation is available at this time.

Vendor: Dingtian
Product: DT-R002
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-02-13
Original CVE updated: 2025-02-13
Advisory published: 2025-02-13
Advisory updated: 2025-02-13

Who should care

OT/ICS asset owners, plant operators, and security teams that manage Dingtian DT-R0 devices, especially where device management interfaces are reachable from broader internal networks or remote access paths.

Technical summary

CISA's CSAF advisory describes an authentication-bypass condition in the Dingtian DT-R0 series. The published CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, which describes a network-reachable, low-complexity attack that requires no privileges and no user interaction and has high impact on confidentiality, integrity, and availability. Affected products listed by CISA are Dingtian DT-R002 V3.1.3044A, DT-R008 V3.1.1759A, DT-R016 V3.1.2776A, and DT-R032 V3.1.3826A.

Defensive priority

Immediate (critical)

Recommended defensive actions

  • Inventory all Dingtian DT-R0 series devices and verify whether any are running the affected versions listed in the advisory.
  • Restrict access to device management interfaces and remove any direct exposure from untrusted or broadly accessible networks.
  • Use compensating controls such as OT network segmentation, VPN or jump-host access, and allowlisting for administrative paths.
  • Review device and network logs for unexpected administrative access or other suspicious activity affecting these devices.
  • Follow the CISA advisory and contact Dingtian support for product-specific guidance; the advisory states no mitigation is available at this time.
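
One way to carry out the log-review action above, as an added example (not code from CISA, Dingtian, or PatchSiren): it reads HTTP access records from a proxy or jump host in front of a device and flags sources outside the admin allowlist and pages served with no recent login from that source. The log layout, the /login.cgi and /main.html paths, the addresses, and the 30-minute window are assumptions constructed for illustration; the advisory does not give the device's URLs.

```python
import ipaddress
from datetime import datetime, timedelta

# Assumptions, not from the advisory: log layout, login path, jump-host subnet.
ADMIN_ALLOWLIST = [ipaddress.ip_network("10.20.30.0/28")]  # constructed jump-host range
LOGIN_PATH = "/login.cgi"                # hypothetical placeholder for the login URL
SESSION_WINDOW = timedelta(minutes=30)   # how long one login is assumed to stay valid

# Constructed sample: "<ISO time> <src ip> <device ip> <method> <path> <status>"
SAMPLE_LOG = """\
2025-02-14T08:00:01 10.20.30.5 192.168.50.10 POST /login.cgi 200
2025-02-14T08:00:04 10.20.30.5 192.168.50.10 GET /main.html 200
2025-02-14T09:12:40 10.20.30.7 192.168.50.10 GET /main.html 200
2025-02-14T09:30:00 172.16.4.99 192.168.50.10 GET /main.html 200
2025-02-14T10:45:00 10.20.30.5 192.168.50.10 GET /main.html 200
"""

def parse(line):
    ts, src, dst, method, path, status = line.split()
    return datetime.fromisoformat(ts), ipaddress.ip_address(src), dst, method, path, int(status)

def review(log_text):
    """Return (time, source, reason) tuples that deserve manual triage."""
    findings = []
    last_login = {}  # (source, device) -> time of the last observed login POST
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, method, path, status = parse(line)
        ok = 200 <= status < 300
        # Management traffic should only originate from the allowlisted admin path.
        if not any(src in net for net in ADMIN_ALLOWLIST):
            findings.append((ts.isoformat(), str(src), "source-not-allowlisted"))
        # A 2xx POST to the login path is treated as a login (assumption).
        if ok and method == "POST" and path == LOGIN_PATH:
            last_login[(src, dst)] = ts
            continue
        # A page served with no login, or only a stale one, from this source
        # matches the bypass pattern the advisory describes.
        seen = last_login.get((src, dst))
        if ok and (seen is None or ts - seen > SESSION_WINDOW):
            findings.append((ts.isoformat(), str(src), "served-without-login"))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding)
```

Findings are triage leads rather than proof of compromise: several operators behind one NAT address, or a session that legitimately outlives the assumed window, will also match.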

Evidence notes

This debrief is based on CISA's CSAF advisory ICSA-25-044-18 and the supplied advisory metadata, all published on 2025-02-13. The source explicitly names the affected Dingtian DT-R0 series products and versions and states that Dingtian had not responded to mitigation requests, so no mitigation was available at publication.

Official resources

Publicly disclosed by CISA on 2025-02-13 via advisory ICSA-25-044-18.