[Control systems] CISA ICS security advisories (AV24-391)

Serial number: AV24-391
Date: July 16, 2024

Between July 8 and 14, 2024, CISA published ICS advisories to address vulnerabilities in the following products:

  • Delta Electronics CNCSoft-G2 – version 2.0.0.5
  • HMS Industrial Networks Anybus-CompactCom 30 – all versions
  • Johnson Controls Inc. Illustra Pro Gen 4 Camera – version SS016.05.03.01.0010 and prior
  • Johnson Controls Inc. Software House C-CURE 9000 – multiple versions and platforms
  • Mitsubishi Electric MELIPC Series MI5122-VW – firmware versions “05” to “07”
  • Rockwell Automation FactoryTalk Policy Manager – version 6.40
  • Rockwell Automation FactoryTalk System Services – version 6.40
  • Rockwell Automation ThinManager ThinServer – versions 11.1.0, 11.2.0, 12.0.0, 12.1.0, 13.0.0, 13.1.0 and 13.2.0
  • Siemens IPC DiagBase and DiagMonitor – all versions
  • Siemens JT2Go – versions prior to V14.3.0.8
  • Siemens JT Open – all versions
  • Siemens Mendix Encryption – version V10.0.0 and prior
  • Siemens PLM XML SDK – all versions
  • Siemens RUGGEDCOM – multiple versions and models
  • Siemens SCALANCE – multiple versions and models
  • Siemens SIMATIC Energy Manager Basic and Pro – versions prior to V7.5
  • Siemens SIMATIC PCS neo V4.0 – all versions
  • Siemens SIMATIC PCS 7 V9.1 – all versions
  • Siemens SIMATIC STEP 7 – multiple versions and models
  • Siemens SIMATIC WinCC – multiple versions and models
  • Siemens Simcenter Femap – versions prior to V2406
  • Siemens SIMIT – multiple versions and models
  • Siemens SIMOCODE ES – multiple versions and models
  • Siemens SIMOTION SCOUT – all versions, multiple models
  • Siemens SINAMICS Startdrive – all versions, multiple models
  • Siemens SINEC INS – multiple versions
  • Siemens SINEMA Remote Connect Client – versions prior to V3.2 HF1
  • Siemens SINEMA Remote Connect Server – all versions
  • Siemens SIPLUS NET SCALANCE – multiple versions and models
  • Siemens SIPROTEC 5 – multiple versions and models
  • Siemens SIRIUS – multiple versions and models
  • Siemens Soft Starter – multiple versions and models
  • Siemens Teamcenter Visualization – multiple versions
  • Siemens TIA Portal – multiple versions

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: