The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

• On September 10, 2024, CISA Releases Four Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
  • Viessmann Climate Solutions SE Vitogate 300
  • iniNet Solutions SpiderControl SCADA Web Server
  • Rockwell Automation SequenceManager
  • BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application
• On September 12, 2024, CISA Releases Twenty-Five Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
  • Siemens SINEMA Remote Connect Server – Used in Energy and Water and Wastewater Systems
  • Siemens SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D
  • Siemens User Management Component (UMC)
  • Siemens SINUMERIK Systems
  • Siemens Mendix Runtime
  • Siemens Automation License Manager
  • Siemens SIMATIC RFID Readers
  • Siemens Industrial Products
  • Siemens SIMATIC, SIPLUS, and TIM – Used in Energy
  • Siemens SINEMA – Used in Energy
  • Siemens Industrial Edge Management – Used in Energy
  • Siemens Tecnomatix Plant Simulation – Used in Energy
  • Siemens SCALANCE W700 – Used in Energy
  • Siemens SIMATIC SCADA and PCS 7 Systems – Used in Energy and Water and Wastewater Systems
  • Siemens Industrial Products
  • Siemens Third Party Component in SICAM and SITIPE Products – Used in Energy and Water and Wastewater Systems
  • AutomationDirect DirectLogic H2-DM1E
  • Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380
  • Rockwell Automation OptixPanel
  • Rockwell Automation AADvance Trusted SIS Workstation
  • Rockwell Automation 5015-U8IHFT
  • Rockwell Automation FactoryTalk Batch View
  • Rockwell Automation FactoryTalk View Site
  • Rockwell Automation Pavilion8
  • Rockwell Automation ThinManager

Additional Alerts, Updates, and Bulletins:

• 09/10/2024 - CISA Adds Four Known Exploited Vulnerabilities to Catalog
• 09/09/2024 - CISA Adds Three Known Exploited Vulnerabilities to Catalog
• Cisco Releases Security Updates for IOS XR Software
• Adobe Releases Security Updates for Multiple Products
• Microsoft Releases September 2024 Security Updates
• Ivanti Releases Security Updates for Endpoint Manager, Cloud Service Application, and Workspace Control
• Citrix Releases Security Updates for Citrix Workspace App for Windows
• Cisco Releases Security Updates for Cisco Smart Licensing Utility