CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 27, 2023

Author: April Zupan

Created: Thursday, July 27, 2023 - 16:18

Categories: Cybersecurity, Federal & State Resources, OT-ICS Security

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Five Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

ETIC Telecom RAS Authentication
PTC KEPServerEX
Mitsubishi Electric CNC Series
ETIC Telecom Remote Access Server (RAS) (Update A)
Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update B)

Alerts, Updates, and Bulletins:

July 26, 2023 – CISA Adds One Known Exploited Vulnerability to Catalog (CVE-2023-37580 Zimbra Collaboration (ZCS))
July 26, 2023 – CISA Adds One Known Exploited Vulnerability to Catalog (CVE-2023-38606 Apple Multiple Products)
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments