[Control systems] CISA ICS security advisories (AV24–665)

Serial number: AV24-665
Date: November 18, 2024

Between November 11 and November 17, 2024, CISA published ICS advisories to address vulnerabilities in the following products:

  • 2N Access Commander – versions 3.1.1.2 and prior
  • Baxter Life2000 Ventilation System – version 06.08.00.00 and prior
  • Hitachi Energy MSM – versions 2.2.8 and prior
  • Hitachi Energy TRO600 series firmware – versions 9.0.1.0 – 9.2.0.0
  • Hitachi Energy TRO600 series firmware – versions 9.1.0.0 – 9.2.0.0
  • Rockwell Automation Arena Input Analyzer – version v16.20.03 and prior
  • Rockwell Automation FactoryTalk Updater – Web Client – versions 4.00.00
  • Rockwell Automation FactoryTalk Updater – Client – all versions
  • Rockwell Automation FactoryTalk Updater – Agent – all versions
  • Rockwell Automation FactoryTalk View ME – version v14.0 and prior
  • Rockwell Automation Verve Asset Manager – versions 1.39 and prior
  • Siemens SCALANCE M-800 Family – versions prior to V8.2
  • Siemens SIMATIC S7-PLCSIM V16 & V17 – all versions
  • Siemens SIMATIC STEP 7 and WinCC family – multiple versions
  • Siemens SIMOCODE ES V16, V18 and V18 – multiple versions
  • Siemens SIMOTION SCOUT TIA V5.4 SP1, SP3 and V5.5 SP1 – all versions
  • Siemens SINAMICS Startdrive V16, V17 and V18 – all versions
  • Siemens SIRIUS Safety ES V17 and V18 – multiple versions
  • Siemens SIRIUS Soft Starter ES V17 and V18 – multiple versions
  • Siemens Mendix Runtime – multiple versions
  • Siemens OZW672 – versions prior to V5.2
  • Siemens OZW772 – versions prior to V5.2
  • Siemens RUGGEDCOM CROSSBOW (SAC) – versions prior to 5.6
  • Siemens SIMATIC CP1543-1 – version V4.0 (6GK7543-1AX10-0XE0)
  • Siemens SINEC INS – versions prior to V1.0 SP2 Update 3
  • Siemens SINEC NMS – versions prior to V3.0 SP1
  • Siemens SIPORT – versions prior to V3.4.0
  • Siemens Solid Edge SE2024 – versions prior to V224.0 Update 9
  • Siemens Spectrum Power 7 – all versions prior to V24Q3
  • Siemens TeleControl Server Basic V3.1 – versions prior to V3.1.2.1
  • Siemens TIA Portal Cloud V16, V17 and V18 – multiple versions
  • Subnet Solutions PowerSYSTEM Center PSC 2020 – versions v5.22.x and prior

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

This alert was originated From: Canadian Centre for Cyber Security

https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av24-665

Leave a Reply

Your email address will not be published. Required fields are marked *