The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Nineteen Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

• Siemens SIMATIC CP products
• Siemens SCALANCE W1750D
• Siemens SICAM A8000 Devices
• Siemens Xpedition Layout Browser
• Siemens Simcenter Amesim
• Siemens SICAM PAS/PQS
• Siemens RUGGEDCOM APE1808
• Siemens SINEC NMS
• Siemens CPCI85 Firmware of SICAM A8000 Devices
• Siemens Tecnomatix Plant Simulation
• Siemens Mendix Forgot Password Module
• Weintek cMT3000 HMI Web CGI
• Mitsubishi Electric MELSEC-F Series
• Hikvision Access Control and Intercom Products
• Advantech WebAccess – Used in Energy and Water and Wastewater Systems Sector
• Schneider Electric IGSS – Used in Energy Sector
• Santesoft Sante DICOM Viewer Pro
• Santesoft Sante FFT Imaging​
• ​PTC Kepware KepServerEX (Update A)

Alerts, Updates, and Bulletins:

• Fortinet Releases Security Updates for Multiple Products
• FBI and CISA Release Update on AvosLocker Advisory
• Microsoft Releases October 2023 Security Updates
• Citrix Releases Security Updates for Multiple Products
• HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487
• CISA Adds Five Known Vulnerabilities to Catalog