CISA released seventeen Industrial Control Systems (ICS) advisories on December 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
[ul]
[li]ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio [/li][li]ICSA-23-348-02 Johnson Controls Kantech Gen1 ioSmart[/li][li]ICSA-23-348-03 Siemens User Management Component (UMC)[/li][li]ICSA-23-348-04 Siemens LOGO! and SIPLUS LOGO![/li][li]ICSA-23-348-05 Siemens SIMATIC and SIPLUS Products[/li][li]ICSA-23-348-06 Siemens OPC UA Implementation in SINUMERIK ONE and SINUMERIK MC[/li][li]ICSA-23-348-07 Siemens SIMATIC STEP 7 (TIA Portal)[/li][li]ICSA-23-348-08 Siemens Web Server of Industrial Products[/li][li]ICSA-23-348-09 Siemens Simantic S7-1500 CPU family[/li][li]ICSA-23-348-10 Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1[/li][li]ICSA-23-348-11 Siemens SINUMERIK[/li][li]ICSA-23-348-12 Siemens SICAM Q100 Devices[/li][li]ICSA-23-348-13 Siemens SCALANCE and RUGGEDCOM M-800/S615 Family[/li][li]ICSA-23-348-14 Siemens RUGGEDCOM and SCALANCE M-800/S615 Family[/li][li]ICSA-23-348-15 Unitronics VisiLogic[/li][li]ICSA-23-348-16 Siemens SINEC INS[/li][li]ICSMA-20-254-01 Philips Patient Monitoring Devices (Update C)[/li][/ul]
CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.