The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Fourteen Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

• Red Lion Sixnet RTUs
• Hitachi Energy MACH System Software – Used in the Energy Sector
• Siemens Mendix Runtime
• Siemens SCALANCE W700
• Siemens SIMATIC PCS neo
• Siemens OPC UA Modeling Editor (SiOME)
• Siemens SCALANCE Family Products
• Siemens COMOS
• Siemens SIPROTEC 4 7SJ66
• Siemens Mendix Studio Pro
• Siemens PNI
• Siemens SIMATIC MV500
• Siemens RUGGEDCOM APE1808 Devices

Alerts, Updates, and Bulletins:

• CISA Adds Three Known Exploited Vulnerabilities to Catalog
• Citrix Releases Security Updates for Citrix Hypervisor
• FBI and CISA Release Advisory on Scattered Spider Group
• CISA Requests Comment on Draft Secure Software Development Attestation Form
• CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware
• VMware Releases Security Update for Cloud Director Appliance
• Fortinet Releases Security Updates for FortiClient and FortiGate
• Microsoft Releases November 2023 Security Updates
• Adobe Releases Security Updates for Multiple Products