The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
- AutomationDirect C-More EA9 HMI
- AutomationDirect DirectLOGIC with Serial Communication
- AutomationDirect DirectLOGIC with Ethernet
- Siemens Mendix SAML Module
- Siemens EN100 Ethernet Module - Product Used in the Energy Sector
- Siemens Apache HTTP Server
- Siemens SINEMA Remote Connect Server
- Siemens SICAM GridEdge
- Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
- Siemens SCALANCE XM-400 and XR-500
- Siemens Xpedition Designer
- Siemens Spectrum Power Systems - Product Used in the Energy Sector
- Siemens Teamcenter
- Siemens OpenSSL Affected Industrial Products
- Siemens Teamcenter Active Workspace
- Siemens SCALANCE LPE 4903 and SINUMERIK Edge
- Siemens SINEMA Remote Connect Server
- Siemens SIMATIC WinCC (Update A)
- Siemens Desigo PXC and DXR Devices (Update A)
- Siemens Industrial Devices using libcurl (Update A)
- Siemens Teamcenter (Update A)
- Siemens PROFINET Stack Integrated on Interniche Stack (Update A)
- Siemens Mendix (Update A)
- Siemens RUGGEDCOM Devices (Update B)
- Siemens Solid Edge, JT2Go, and Teamcenter Visualization (Update C)
- Siemens SIMATIC CP (Update A)
- Siemens SIMATIC CP (Update A)
- Siemens Industrial Products LLDP (Update B) - Product Used in the Energy Sector
- Siemens Linux-based Products (Update H)
- Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update C) - Product Used in the Water and Wastewater and Energy Sectors
- Siemens PROFINET-IO Stack (Update H)
- Siemens SCALANCE X Switches (Update B)
- Siemens TIA Portal (Update E) - Product Used in the Water and Wastewater and Energy Sectors
- Siemens BACnet Field Panels (Update A)
Alerts, Updates, and Bulletins:
- One (“Follina”) Added to CISA’s Known Exploited Vulnerabilities Catalog
- Microsoft Releases June 2022 Security Updates
- Citrix Releases Security Updates for Application Delivery Management
- Cisco Releases Security Updates for Multiple Products
- CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case
- Adobe Releases Security Updates for Multiple Products
- SAP Releases June 2022 Security Updates