CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 14, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

• Siemens SCALANCE X Switch Devices
• Siemens SICAM GridEdge – Product Used in the Energy Sector
• Siemens SIMATIC MV500 Devices
• Siemens Simcenter Femap
• Siemens RUGGEDCOM ROX
• Siemens Mendix Excel Importer
• Siemens Datalogics File Parsing Vulnerability
• Siemens PADS Standard/Plus Viewer
• Simcenter Femap and Parasolid
• Siemens Mendix Applications
• Open Design Alliance Drawings SDK
• Siemens SRCS VPN Feature in SIMATIC CP Devices
• Siemens Mendix
• Siemens CPC80 Firmware of SICAM A8000
• Siemens SIMATIC eaSie Core Package
• Siemens EN100 Ethernet Module – Product Used in the Energy Sector
• Siemens Opcenter Quality
• Siemens RUGGEDCOM ROS
• Siemens Industrial Products Intel CPUs (Update D)
• Siemens SIMATIC Industrial Products (Update B)
• Siemens SCALANCE X (Update D) – Product Used in the Water and Wastewater sector and the Energy Sector
• Siemens TIA Administrator (Update A)
• Siemens VxWorks-based Industrial Products (Update C)
• Siemens PROFINET Stack Integrated on Interniche Stack (Update B)
• Siemens Industrial Products with OPC UA (Update A)
• Siemens Mendix (Update B)
• Siemens OpenSSL Affected Industrial Products (Update A)
• Siemens SIMATIC WinCC (Update E)
• Siemens Industrial PCs and CNC devices (Update A)
• Siemens Industrial Products (Update A)

Alerts, Updates, and Bulletins:

• (DHS) Cyber Safety Review Board Releases Unprecedented Report of its Review into Log4j Vulnerabilities and Response
• CISA Adds One Known Exploited Vulnerability to Catalog 
• Microsoft Releases July 2022 Security Updates
• Citrix Releases Security Updates for Hypervisor
• SAP Releases July 2022 Security Updates
• Juniper Networks Releases Security Updates for Multiple Products
• Adobe Releases Security Updates for Multiple Products