The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Four Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
- Rockwell Automation FactoryTalk Remote Access – Used in Energy and Water and Wastewater Sectors
- SUBNET PowerSYSTEM Center and Substation Server – Used in the Energy Sector
- Johnson Controls Software House C-CURE 9000
- Mitsubishi Electric Multiple FA Engineering Software Products
Alerts, Updates, and Bulletins:
- CISA Adds One Known Exploited Vulnerability to Catalog
- Apple Releases Security Updates for Multiple Products
- CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources
- Categorically Unsafe Software
- CISA and Partners Release Advisory on Black Basta Ransomware
