CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – January 30, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Two Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
- Gessler GmbH WEB-MASTER
- AVEVA Edge products (formerly known as InduSoft Web Studio)
Alerts, Updates, and Bulletins:
- Updated: New Software Updates and Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways
- January 31 - CISA Adds One Known Exploited Vulnerability to Catalog
- Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components
- CISA Adds One Known Exploited Vulnerability to Catalog
- CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Router
