The Cybersecurity and Infrastructure Security Agency (CISA) has recently published five Industrial Control Systems (ICS) advisories on May 16, 2023. These advisories aim to provide up-to-date information regarding existing security concerns, vulnerabilities, and potential exploits related to ICS.
The first advisory, ICSA-23-138-01, focuses on Carlo Gavazzi Powersoft, highlighting specific security issues and potential risks associated with this system. The second advisory, ICSA-23-138-02, centers around Mitsubishi Electric MELSEC WS, shedding light on vulnerabilities and potential threats related to this particular ICS.
The third advisory, ICSA-23-138-03, addresses Hitachi Energy MicroSCADA Pro/X SYS600, highlighting current security concerns and possible exploits that users should be aware of. The fourth advisory, ICSA-23-138-04, focuses on Johnson Controls OpenBlue Enterprise Manager Data Collector, providing crucial information about vulnerabilities and recommended mitigations.
Finally, the fifth advisory, ICSA-20-051-02, pertains to Rockwell Automation FactoryTalk Diagnostics Update B, addressing specific security updates and measures that users and administrators should undertake to protect their systems.
CISA emphasizes the importance of users and administrators reviewing these newly released ICS advisories. By doing so, they can gain valuable technical insights into the identified vulnerabilities and learn about the recommended mitigations to enhance the security of their ICS environments.
