Serial number: AV24-728
Date: December 23, 2024
Between December 16 and 22, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- BD Diagnostic Solutions BACTEC Blood Culture System&nbasp;– all versions
- BD Diagnostic Solutions COR System&nbasp;– all versions
- BD Diagnostic Solutions EpiCenter Microbiology Data Management System&nbasp;– all versions
- BD Diagnostic Solutions MAX System&nbasp;– all versions
- BD Diagnostic Solutions Phoenix M50 Automated Microbiology System&nbasp;– all versions
- BD Diagnostic Solutions Synapsys Informatics Solution – all versions
- Delta Electronics DTM Soft&nbasp;– versions 1.30 and prior
- Hitachi Energy RTU400 series CMU Firmware&nbasp;– multiple versions
- Hitachi Energy SDM600&nbasp;– versions prior to 1.3.4
- Hitachi Energy TropOS devices series 1400/2400/6400&nbasp;– versions prior to 8.9.6
- Ossur Mobile Logic Application&nbasp;– versions prior to 1.5.5
- Rockwell Automation PowerMonitor 1000 Remove&nbasp;– multiple models, versions prior to 4.020
- Schneider Electric Accutech Manager&nbasp;– versions 2.08.01 and prior
- Schneider Electric Modicon Controllers M241&nbasp;– versions prior to 5.2.11.24
- Schneider Electric Modicon Controllers M251&nbasp;– versions prior to 5.2.11.24
- Schneider Electric Modicon Controllers M258&nbasp;– all versions
- Schneider Electric Modicon Controllers M262&nbasp;– versions prior to 5.2.8.26
- Schneider Electric Modicon Controllers LMC058&nbasp;– all versions
- Siemens User Management Component&nbasp;– multiple applications and versions
- ThreatQuotient ThreatQ&nbasp;– versions prior to 5.29.3
- Tibbo AggreGate Network Manager&nbasp;– versions 6.34.02 and prior
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.
This alert was originated From: Canadian Centre for Cyber Security
https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av24-728