The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
- On January 30, 2025, CISA Released Eight Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- Hitachi Energy UNEM
- New Rock Technologies Cloud Connected Devices
- Schneider Electric System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs – Used in Energy
- Rockwell Automation KEPServer
- Rockwell Automation FactoryTalk AssetCentre
- Contec Health CMS8000 Patient Monitor
- Mitsubishi Electric Multiple FA Engineering Software Products (Update B)
- Contec Health CMS8000 Patient Monitor (Update A)
- On January 28, 2025, CISA Released Seven Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- B&R Automation Runtime
- Schneider Electric Power Logic – Used in Energy
- Rockwell Automation FactoryTalk
- Rockwell Automation FactoryTalk View Site Edition
- Rockwell Automation DataMosaix Private Cloud
- Schneider Electric RemoteConnect and SCADAPack x70 Utilities – Used in Energy
- BD Diagnostic Solutions Products (Update A)
Additional Alerts, Updates, and Bulletins
- 01/29/2025: CISA Adds One Known Exploited Vulnerability to Catalog
- 01/24/2025: CISA Adds One Known Exploited Vulnerability to Catalog
- CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware
Related WaterISAC PIRs: 8
