The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
- On February 13, 2025, CISA Released Twenty Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- Siemens SIMATIC S7-1200 CPU Family
- Siemens SIMATIC
- Siemens SIPROTEC 5
- Siemens SIPROTEC 5 – Used in Energy
- Siemens SIPROTEC 5 Devices
- Siemens RUGGEDCOM APE1808 Devices
- Siemens Teamcenter
- Siemens OpenV2G
- Siemens SCALANCE W700 – Used in Water and Wastewater Systems and Energy
- Siemens Questa and ModelSim
- Siemens APOGEE PXC and TALON TC Series
- Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor
- Siemens SIMATIC PCS neo and TIA Administrator
- Siemens Opcenter Intelligence
- ORing IAP-420 – Used in Energy
- mySCADA myPRO Manager
- Outback Power Mojave Inverter – Used in Energy
- Dingtian DT-R0 Series
- Mitsubishi Electric FA Engineering Software Products (Update C)
- Qardio Heart Health IOS and Android Application and QardioARM A100
- On February 11, 2025, CISA Released Two Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- Access Commander (Update A)
- Trimble Cityworks (Update A) – Used in Water and Wastewater Systems and Energy
Additional Alerts, Updates, and Bulletins
- February 12 - CISA Adds Two Known Exploited Vulnerabilities to Catalog
- February 11 - CISA Adds Four Known Exploited Vulnerabilities to Catalog
- February 7 - CISA Adds One Known Exploited Vulnerability to Catalog
- Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
- CISA and FBI Warn of Malicious Cyber Actors Using Buffer Overflow Vulnerabilities to Compromise Software
