On June 13, 2024, CISA released twenty new advisories addressing critical vulnerabilities in Industrial Control Systems (ICS). These advisories provide essential information on security issues affecting various products and highlight the need for timely updates and mitigations. The advisories cover a broad range of systems from Siemens, Rockwell Automation, and Mitsubishi Electric.
The Siemens advisories include vulnerabilities in products such as Mendix Applications, SIMATIC S7-200 SMART Devices, TIA Administrator, and many others. These advisories emphasize the critical nature of the issues, which could impact the security and functionality of industrial control systems. Similarly, Rockwell Automation’s advisories focus on multiple versions of FactoryTalk View SE, highlighting potential risks and necessary updates.
Mitsubishi Electric products are also covered in the advisories, including updates for MELSEC-Q/L Series and multiple other products. These advisories address vulnerabilities that could pose significant risks if not patched promptly. The detailed information provided aims to help users and administrators protect their systems from potential exploits.
CISA urges all affected users and administrators to review the advisories carefully and apply the recommended mitigations. Addressing these vulnerabilities is crucial for maintaining the security and integrity of industrial control systems and preventing potential disruptions or attacks.
Reference:
