Serial number: AV25-054
Date: February 3, 2025
Between January 27 and February 2, 2025, CISA published ICS advisories to address vulnerabilities in the following products:
- B&R Automation Runtime – versions prior to 6.1
- B&R mapp View – versions prior to 6.1
- Contec Health CMS8000 Patient Monitor – multiple versions
- Hitachi Energy UNEM – multiple versions
- New Rock Technologies MX8G VoIP Gateway – all versions
- New Rock Technologies NRP1302/P Desktop IP Phone – all versions
- New Rock Technologies OM500 IP-PBX – all versions
- Rockwell Automation DataEdgePlatform DataMosaix Private Cloud – version 7.11 and prior, version 7.09 and prior
- Rockwell Automation FactoryTalk AssetCentre – versions prior to V15.00.001
- Rockwell Automation FactoryTalk View SE – all versions prior to 15.0
- Rockwell Automation FactoryTalk – all versions prior to 15.0
- Rockwell Automation KEPServer – versions 6.0 to 6.14.263
- Schneider Electric Power Logic – version v0.62.7 and prior
- Schneider Electric RemoteConnect – all versions
- Schneider Electric SCADAPackTM x70 Utilities – all versions
- Schneider Electric System Monitor application in Harmony Industrial PC – all versions
- Schneider Electric System Monitor application in Pro-face Industrial PC – all versions
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.