CISA Releases Twenty-Five Industrial Control Systems Advisories

Original release date: October 13, 2022

CISA has released twenty-five (25) Industrial Control Systems (ICS) advisories on October 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

•   ICSA-22-286-01 Siemens LOGO!
•   ICSA-22-286-02 Siemens Industrial Edge Management
•   ICSA-22-286-03 Siemens Solid Edge
•   ICSA-22-286-04 Siemens SIMATIC S7-1200 and S7-1500 CPU Families
•   ICSA-22-286-05 Hitachi Energy Lumada Asset Performance Management Prognostic Model Executor Service
•   ICSA-22-286-06 Siemens Desigo PXM Devices Webserver
•   ICSA-22-286-07 Siemens Nucleus RTOS FTP Server
•   ICSA-22-286-08 Siemens TCP Event Service of SCALANCE and RUGGEDCOM Devices
•   ICSA-22-286-09 Siemens SICAM P850 and P855 Devices
•   ICSA-22-286-10 Siemens JT Open Toolkit and Simcenter Femap
•   ICSA-22-286-11 Siemens SCALANCE and RUGGEDCOM Products
•   ICSA-22-286-12 Siemens APOGEE, TALON and Desigo PXC/PXM Products
•   ICSA-22-286-13 Siemens LOGO! 8 BM Devices
•   ICSA-22-286-14 Siemens SIMATIC HMI Panels
•   ICSA-22-286-15 Siemens SCALANCE X-200 and X-200IRT Families
•   ICSA-22-286-16 Siemens Desigo CC and Cerberus DMS
•   ICSA-21-250-01 Mitsubishi Electric MELSEC iQ-R Series (UpdateA)
•   ICSA-21-287-03 Mitsubishi Electric MELSEC iQ-R Series (UpdateA)
•   ICSA-22-104-06 Siemens PROFINET Stack Integrated on Interniche Stack (Update D)
•   ICSA-22-069-03 Siemens SINEC NMS (Update A)
•   ICSA-21-287-07 Siemens SCALANCE (Update A)
•   ICSA-21-315-06 Siemens SCALANCE W1750D (Update A)
•   ICSA-22-167-06 Siemens Apache HTTP Server (Update A)
•   ICSA-22-167-14 Siemens OpenSSL Affected Industrial Products (Update D)
•   ICSA-22-132-08 Siemens Industrial Products with OPC UA (Update C)