CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – January 30, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – January 30, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Eight Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

• Emerson Rosemount GC370XA, GC700XA, GC1500XA – Products used in the Energy Sector
• Mitsubishi Electric FA Engineering Software Products
• Mitsubishi Electric MELSEC WS Series Ethernet Interface Module
• Hitron Systems Security Camera DVR
• Rockwell Automation ControlLogix and GuardLogix
• Rockwell Automation FactoryTalk Service Platform
• Rockwell Automation LP30/40/50 and BM40 Operator Interface
• Mitsubishi Electric CNC Series (Update E)

Alerts, Updates, and Bulletins:

• New Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways
• Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series
• January 26 – Guidance: Assembling a Group of Products for SBOM