Serial number: AV24-537
Date: September 23, 2024
Between September 16 and 22, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- Kastle Systems Access Control System – firmware prior to May 1, 2024
- IDEC FC6A Series MICROSmart All-in-One CPU module – version 2.60 and prior
- IDEC FC6B Series MICROSmart All-in-One CPU module – version 2.60 and prior
- IDEC FC6A Series MICROSmart Plus CPU module – version 2.40 and prior
- IDEC FC6B Series MICROSmart Plus CPU module – version 2.60 and prior
- IDEC FT1A Series SmartAXIS Pro/Lite – version 2.41 and prior
- IDEC WindLDR – version 9.1.0 and prior
- IDEC WindO/I-NV4 – version 3.0.1 and prior
- MegaSys Computer Tech Telenium Online Web Application – version 8.3 and prior
- Millbeck Communications Proroute H685t-w – version 3.2.334
- Rockwell Automation RSLogix 500 – all versions
- Rockwell Automation RSLogix Micro Developer and starter – all versions
- Rockwell Automation RSLogix 5 – all versions
- Siemens SIMATIC S7-200 SMART CPU – multiple models and versions
- Yokogawa Dual-redundant Platform for Computer (PC2CKM) – versions R1.01.00 to R2.03.00
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.
This alert was originated From: Canadian Centre for Cyber Security
https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av24-537