The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Five Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
- ETIC Telecom RAS Authentication
- PTC KEPServerEX
- Mitsubishi Electric CNC Series
- ETIC Telecom Remote Access Server (RAS) (Update A)
- Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update B)
Alerts, Updates, and Bulletins:
- July 26, 2023 - CISA Adds One Known Exploited Vulnerability to Catalog (CVE-2023-37580 Zimbra Collaboration (ZCS))
- July 26, 2023 - CISA Adds One Known Exploited Vulnerability to Catalog (CVE-2023-38606 Apple Multiple Products)
- CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
