CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 10, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

• Siemens RUGGEDCOM Devices
• Siemens SIMOTICS CONNECT 400 – Product Used in the Energy Sector
• Siemens SINEC NMS – Product Used in the Energy Sector
• Siemens SINEMA Mendix Forgot Password Appstore
• Siemens Simcenter STAR-CCM+ Viewer
• Siemens COMOS
• Siemens Climatix POL909
• Siemens SINEC INS – Product Used in the Energy Sector
• Siemens Simcenter Femap
• Siemens SINUMERIK MC
• Siemens RUGGEDCOM ROS
• Siemens Mendix
• PTC Axeda agent and Axeda Desktop Server (Update A)
• Siemens SIMATIC Industrial Products (Update A)
• Siemens SICAM TOOLBOX II (Update A)
• Siemens Solid Edge, JT2Go, and Teamcenter Visualization
• Siemens SIMATIC WinCC (Update B)
• Siemens Climatix POL909 (Update A)
• Siemens Industrial Products Intel CPUs (Update B)
• Siemens SIMOTICS CONNECT 400 (Update A) – Product Used in the Energy Sector
• Siemens Industrial Products (Update F)
• Wibu-Systems CodeMeter (Update F)
• Siemens Industrial Products (Update P) – Product Used in the Water and Wastewater Sector and the Energy Sector

Alerts, Updates, and Bulletins:

• Dirty Pipe Privilege Escalation Vulnerability in Linux
• Updated: Conti Ransomware
• Adobe Releases Security Updates for Multiple Products
• SAP Releases March 2022 Security Updates