The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

• On December 17, 2024, CISA Released Five Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
  • ThreatQuotient ThreatQ Platform
  • Hitachi Energy TropOS Devices Series 1400/2400/6400 – Used in Energy
  • Rockwell Automation PowerMonitor 1000 Remote
  • Schneider Electric Modicon – Used in Energy
  • BD Diagnostic Solutions Products

Additional Alerts, Updates, and Bulletins

• December 17 - CISA Adds One Known Exploited Vulnerability to Catalog
• December 16 - CISA Adds Two Known Exploited Vulnerabilities to Catalog
• December 13 - CISA Adds One Known Exploited Vulnerability to Catalog
• CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure
• CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update
• CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector