The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
- Johnson Controls Metasys ADX Server
- Hitachi Energy Modular Switchgear Monitoring (MSM) - Product Used in the Energy Sector
- Horner Automation Cscape
- OMRON CX-Programmer
Alerts, Updates, and Bulletins:
- Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server
- CISA Adds Three Known Exploited Vulnerabilities to Catalog
- VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere
- CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks
- Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
- Hurricane-Related Scams
- Cisco Releases Security Updates for Multiple Products
- Drupal Releases Security Update
- Mozilla Releases Security Update for Thunderbird