[Control systems] CISA ICS security advisories (AV24-065)

Serial number: AV24-065
Date: February 5, 2024

Between January 29 and February 4, 2024, CISA published ICS advisories to address vulnerabilities in the following products:

  • AVEVA Edge – versions 2020 R2 SP2 and prior
  • Emerson Rosemount GC370XA, GC700XA and GC1500XA – version 4.1.5
  • Gessler GmbH WEB-MASTER – version 7.9
  • Hitron Systems DVR HVR-4781, DVR HVR-8781, DVR HVR-16781, DVR LGUVR-4H, DVR LGUVR-8H and DVR LGUVR-16H – versions 1.03 to 4.02
  • Mitsubishi Electric EZSocket – versions 3.0 and later
  • Mitsubishi Electric FR Configurator2 – all versions
  • Mitsubishi Electric GT Designer3 Version1(GOT1000) – all versions
  • Mitsubishi Electric GT Designer3 Version1(GOT2000) – all versions
  • Mitsubishi Electric GX Works2 – versions 1.11M and later
  • Mitsubishi Electric GX Works3 – all versions
  • Mitsubishi Electric MELSOFT Navigator – versions 1.04E and later
  • Mitsubishi Electric MT Works2 – all versions
  • Mitsubishi Electric MX Component – versions 4.00A and later
  • Mitsubishi Electric MX OPC Server DA/UA (Software packaged with MC Works64) – all versions
  • Mitsubishi Electric WS0-GETH00200 – all serial numbers
  • Rockwell Automation ControlLogix 5570 – firmware version 20.011
  • Rockwell Automation ControlLogix 5570 Redundancy – firmware version 20.054_kit1
  • Rockwell Automation GuardLogix 5570 – firmware version 20.011
  • Rockwell Automation FactoryTalk Service Platform – versions prior to v6.4
  • Rockwell Automation LP30, LP40, LP50 and BM40 Operator Panel – versions prior to V3.5.19.0

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: