The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Nine Industrial Control Systems Advisories (July 13, 2023)
CISA Releases One Industrial Control Systems Advisory (July 12, 2023)
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
- Siemens RUGGEDCOM ROX
- Siemens SiPass Integrated
- Siemens SIMATIC CN 4100
- Siemens SIMATIC MV500 Devices
- Rockwell Automation PowerMonitor 1000
- Honeywell Experion PKS, LX and PlantCruise
- BD Alaris System with Guardrails Suite MX
- Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update A)
- Enphase Envoy (Update A) – used in Energy Sector
- Rockwell Automation Select Communication Modules
Alerts, Updates, and Bulletins:
- CISA Adds Two Known Vulnerabilities to Catalog
- Cisco Releases Security Update for SD-WAN vManage API
- Juniper Releases Multiple Security Updates for Juno OS
- CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
- Microsoft Releases July 2023 Security Updates
- Adobe Releases Security Updates for ColdFusion and InDesign
- Fortinet Releases Security Update for FortiOS and FortiProxy
- CISA, Washington Commanders, and Local Partners Conduct Joint Exercise to Keep Fans and Athletes Safe
