CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 16, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Seventeen Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

• Siemens Parasolid – Used in the Energy Sector
• Siemens SICAM Products
• Siemens Teamcenter Visualization and JT2Go
• Siemens Polarion ALM
• Siemens Simcenter Nastran
• Siemens SIMATIC CN 4100 Before V3.0
• Siemens SIMATIC RTLS Locating Manager
• Siemens PS/IGES Parasolid Translator Component
• Siemens Solid Edge
• Siemens RUGGEDCOM CROSSBOW – Used in the Energy Sector
• Siemens RUGGEDCOM APE1808
• Siemens Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems
• Siemens Industrial Products
• Rockwell Automation FactoryTalk View SE – Used in the Water and Wastewater and Energy Sectors
• Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU (Update A)
• Mitsubishi Electric MELSEC-Q/L Series (Update A)
• GE Healthcare Ultrasound Products (Update A)

Alerts, Updates, and Bulletins:

• CISA Adds Three Known Exploited Vulnerabilities to Catalog
• Cisco Releases Security Updates for Multiple Products
• Adobe Releases Security Updates for Multiple Products
• May 14 – Microsoft Releases May 2024 Security Updates