CISA Activity - CISA Releases Nineteen Industrial Control Systems Advisories

CISA released nineteen Industrial Control Systems (ICS) advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

[ul]
[li]ICSA-23-285-01 Siemens SIMATIC CP products[/li][li]ICSA-23-285-02 Siemens SCALANCE W1750D[/li][li]ICSA-23-285-03 Siemens SICAM A8000 Devices[/li][li]ICSA-23-285-04 Siemens Xpedition Layout Browser[/li][li]ICSA-23-285-05 Siemens Simcenter Amesim[/li][li]ICSA-23-285-06 Siemens SICAM PAS/PQS[/li][li]ICSA-23-285-07 Siemens RUGGEDCOM APE180[/li][li]ICSA-23-285-08 Siemens SINEC NMS[/li][li]ICSA-23-285-09 Siemens CPCI85 Firmware of SICAM A8000 Devices[/li][li]ICSA-23-285-10 Siemens Tecnomatix Plant Simulation [/li][li]ICSA-23-285-11 Siemens Mendix Forgot Password Module[/li][li]ICSA-23-285-12 Weintek cMT3000 HMI Web CGI[/li][li]ICSA-23-285-13 Mitsubishi Electric MELSEC-F Series[/li][li]ICSA-23-285-14 Hikvision Access Control and Intercom Products[/li][li]ICSA-23-285-15 Advantech WebAccess[/li][li]ICSA-23-285-16 Schneider Electric IGSS[/li][li]ICSMA-23-285-01 Santesoft Sante DICOM Viewer Pro[/li][li]ICSMA-23-285-02 Santesoft Sante FFT Imaging[/li][li]ICSA-23-243-03 PTC Kepware KepServerEX (Update A)[/li][/ul]

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue reading…