The NCCIC has released an advisory on vulnerabilities in WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer. WECON LeviStudioU version 1.10, part of WECON LeviStudioU 1.8.29 and prior, and PI Studio HMI Project Programmer Build from November 11, 2017 to prior, are affected. Successful exploitation of these vulnerabilities could allow remote code execution. WECON recommends that users update to the latest version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of the vulnerabilities. NCCIC/ICS-CERT.