by |

CISA releases 8 Industrial Control Systems Advisories

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

You are subscribed to Industrial Control Systems (ICS) Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.

ICS-CERT released the following 8 advisories today, August 16, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities.

Yokogawa CENTUM Controller FCS

This advisory contains mitigations for a Denial of Service vulnerability in CENTUM Controller FCS products. 

LS ELEC PLC and XG5000

This advisory contains mitigations for an Inadequate Encryption Strength vulnerability in LS ELECTRIC PLC and XG5000, a PLC programming software. 

Delta Industrial Automation DRAS

This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Delta Industrial Automation DRAS, a controller software suite. 

Softing Secure Integration Server

This advisory contains mitigations for Out-of-bounds Read, Uncontrolled Search Path Element, Improper Authentication, Relative Path Traversal, Cleartext Transmission of Sensitive Information, NULL Pointer Dereference,
and Integer Underflow vulnerabilities in various Softing products. 

BR Industrial Automation Automation
Studio 4

This advisory contains mitigations for an Unrestricted Upload of File with Dangerous Type vulnerability in Industrial Automation
Automation Studio 4, a PLC automation programming software. 

Emerson Electric Proficy Machine Edition

This advisory contains mitigations for Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of Cryptographic Signature, Insufficient Verification
of Data Authenticity, and Path Traversal: ‘\..\filename’ vulnerabilities in Emerson Proficy Machine Edition, an engineering workstation. 

Sequi PortBloque S

This advisory contains mitigations for Improper Authentication and Improper Authorization vulnerabilities in
Sequi PortBloque S, a serial Modbus firewall. 

Siemens Industrial Products
with OPC UA (Update B)

This updated advisory is a follow-up to the original advisory titled ICSA-22-132-08 Siemens Industrial Products with OPC UA (Update A) that was published May 12, 2022, on the ICS webpage on cisa.gov/ics.
This advisory contains mitigations for various Siemens Industrial Products with OPC UA products. 

Having trouble viewing this message? View
it as a webpage

You are subscribed to updates from the
Cybersecurity and Infrastructure Security Agency (CISA)
Manage Subscriptions  |  Privacy
Policy  | 
Help

Connect with CISA:

Facebook  | 
Twitter  | 
Instagram  | 
LinkedIn  |  
YouTube

This email was sent to b13b3fdf.spsmail.cuny.edu@amer.teams.ms using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707 17th St, Suite
4000 · Denver, CO 80202		 GovDelivery logo

Published

Write a Comment

Comment

  • Related Content by Tag