The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Twenty Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

• Siemens Mendix Applications – Used in the Energy Sector
• Siemens SIMATIC S7-200 SMART Devices – Used in the Water and Wastewater and Energy Sectors
• Siemens TIA Administrator
• Siemens ST7 ScadaConnect – Used in the Energy Sector
• Siemens SITOP UPS1600
• Siemens TIM 1531 IRC – Used in the Water and Wastewater and Energy Sectors
• Siemens PowerSys
• Siemens Teamcenter Visualization and JT2Go – Used in the Energy Sector
• Siemens SICAM AK3/BC/TM – Used in the Energy Sector
• Siemens SIMATIC and SIPLUS – Used in the Water and Wastewater and Energy Sectors
• Siemens SCALANCE XM-400, XR-500 – Used in the Energy Sector
• Siemens SCALANCE W700 – Used in the Energy Sector
• Siemens SINEC Traffic Analyzer – Used in the Energy Sector
• Fuji Electric Tellus Lite V-Simulator
• Rockwell Automation FactoryTalk View SE
• Rockwell Automation FactoryTalk View SE
• Rockwell Automation FactoryTalk View SE
• Motorola Solutions Vigilant License Plate Readers
• Mitsubishi Electric MELSEC-Q/L Series (Update B)
• Mitsubishi Electric Multiple Products (Update G)

Alerts, Updates, and Bulletins:

• CISA Adds Three Known Exploited Vulnerabilities to Catalog
• 06/12/2024 - CISA Adds Two Known Exploited Vulnerabilities to Catalog
• Phone Scammers Impersonating CISA Employees  
• 06/11/2024 - Microsoft Releases June 2024 Security Updates