CISA Releases Forty-One Industrial Control Systems Advisories

CISA has released forty-one (41) Industrial Control Systems (ICS) advisories on 15 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-349-01 Prosys OPC UA Simulation
• ICSA-22-349-02 Siemens SCALANCE X-200RNA Switch Devices
• ICSA-22-349-03 Siemens Multiple Denial of Service Vulnerabilities in Industrial Products
• ICSA-22-349-04 Siemens Multiple Vulnerabilities in SCALANCE Products
• ICSA-22-349-05 Siemens PLM Help Server
• ICSA-22-349-06 Siemens SIMATIC WinCC OA Ultralight Client
• ICSA-22-349-07 Siemens Simcenter STAR-CCM+
• ICSA-22-349-08 Siemens Polarion ALM
• ICSA-22-349-09 Siemens Products affected by OpenSSL 3.0
• ICSA-22-349-10 Siemens APOGEE_TALON Field Panels
• ICSA-22-349-11 Siemens SIPROTEC 5 Devices
• ICSA-22-349-12 Siemens Parasolid
• ICSA-22-349-13 Siemens Mendix Workflow Commons
• ICSA-22-349-14 Siemens SISCO MMS-EASE Third Party Component
• ICSA-22-349-15 Siemens Teamcenter Visualization and JT2Go
• ICSA-22-349-16 Siemens APOGEE and TALON
• ICSA-22-349-17 Siemens Mendix Email Connector
• ICSA-22-349-18 Siemens SCALANCE SC-600 Family
• ICSA-22-349-19 Siemens SICAM PAS
• ICSA-22-349-20 Siemens Teamcenter Visualization and JT2Go
• ICSA-22-349-21 Siemens SCALANCE X-200RNA Switch Devices
• ICSA-21-012-02 Siemens SCALANCE X Switches (Update C)
• ICSA-20-014-03 Siemens SCALANCE X Switches (Update B)
• ICSA-20-042-07 Siemens SCALANCE X Switches (Update C)
• ICSA-22-069-01 Siemens RUGGEDCOM Devices (Update D)
• ICSA-21-222-05 Siemens Industrial Products Intel CPUs (Update G)
• ICSA-20-161-04 Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update K)
• ICSA-22-286-09 Siemens SICAM P850 and P855 Devices (Update A)
• ICSA-22-286-11 Siemens SCALANCE and RUGGEDCOM Products (Update B)
• ICSA-22-258-04 Siemens Mendix SAML Module (Update B)
• ICSA-22-104-06 Siemens PROFINET Stack Integrated on Interniche Stack (Update E)
• ICSA-22-286-07 Siemens Nucleus RTOS FTP Server (Update A)
• ICSA-22-314-09 Siemens Teamcenter Visualization and JT2Go (Update A)
• ICSA-22-314-02 Siemens Missing Web Server Login Page of Industrial Controllers (Update A)
• ICSA-22-167-14 Siemens OpenSSL Affected Industrial Products (Update E)
• ICSA-22-132-05 Siemens Industrial PCs and CNC devices (Update A)
• ICSA-22-104-13 Siemens SIMATIC S7-1500 CPU GNU Linux subsystem (Update A)
• ICSA-18-163-02 Siemens SCALANCE X Switches (Update B)
• ICSA-22-132-12 Siemens Industrial Products (Update C)
• ICSA-20-105-08 Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update D)
• ICSA-19-283-02 Siemens Profinet Devices (Update L)