Serial number: AV24-065
Date: February 5, 2024
Between January 29 and February 4, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- AVEVA Edge – versions 2020 R2 SP2 and prior
- Emerson Rosemount GC370XA, GC700XA and GC1500XA – version 4.1.5
- Gessler GmbH WEB-MASTER – version 7.9
- Hitron Systems DVR HVR-4781, DVR HVR-8781, DVR HVR-16781, DVR LGUVR-4H, DVR LGUVR-8H and DVR LGUVR-16H – versions 1.03 to 4.02
- Mitsubishi Electric EZSocket – versions 3.0 and later
- Mitsubishi Electric FR Configurator2 – all versions
- Mitsubishi Electric GT Designer3 Version1(GOT1000) – all versions
- Mitsubishi Electric GT Designer3 Version1(GOT2000) – all versions
- Mitsubishi Electric GX Works2 – versions 1.11M and later
- Mitsubishi Electric GX Works3 – all versions
- Mitsubishi Electric MELSOFT Navigator – versions 1.04E and later
- Mitsubishi Electric MT Works2 – all versions
- Mitsubishi Electric MX Component – versions 4.00A and later
- Mitsubishi Electric MX OPC Server DA/UA (Software packaged with MC Works64) – all versions
- Mitsubishi Electric WS0-GETH00200 – all serial numbers
- Rockwell Automation ControlLogix 5570 – firmware version 20.011
- Rockwell Automation ControlLogix 5570 Redundancy – firmware version 20.054_kit1
- Rockwell Automation GuardLogix 5570 – firmware version 20.011
- Rockwell Automation FactoryTalk Service Platform – versions prior to v6.4
- Rockwell Automation LP30, LP40, LP50 and BM40 Operator Panel – versions prior to V3.5.19.0
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.