Privileged File System Vulnerability Present in a SCADA System

This Unit42 report analyzes CVE-2025-0921 in Iconics GENESIS64 (Iconics Suite), a privileged file-system-operations vulnerability that can let a local non-administrative user, especially when combined with CVE-2024-7587 which grants write access to C:\ProgramData\ICONICS, create symbolic links to redirect application log writes and overwrite critical binaries (demonstrated against cng.sys), resulting in a denial-of-service (failed boot) on affected Windows OT engineering workstations; the report includes step-by-step reproduction, screenshots, vendor advisory links, and mitigation recommendations.