Harden the configuration
Who should apply this recommendation: All users
To reduce the risk of exploitation, ARC Informatique strongly recommends implementing the following defensive measures:

Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from unsecure networks.
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.

Update PcVue
Who should apply this recommendation: All users running affected components.
Apply the patch by installing a fixed PcVue version.

A fixed release must be installed on all stations for the fix to be fully applied.
Existing projects require a settings update for the fix to be applied. The complete update procedure and verification steps are described in the Knowledge Base article KB1254 (https://www.pcvue.com/?post_type=post&s=&kbase_id=kb1254) .
For new projects, the settings are configured by default with secured values.

To verify that the patch has been applied correctly, the user must check that:

The File version property of the file ./bin/sv32.exe matches the deployed release or later, and ensure that any earlier release is no longer used;
The Interoperability issues settings of the Networking feature are disabled.

Available patches:
Patch provided in:

PcVue 16.3.4 (16.3.4902.3112)
PcVue 15.2.13 (15.2.13902.37126)
PcVue 12.0.32 (12.0.32900.37130)

CVE-2025-9998

Credits

References