ICS-CERT has released an advisory on a Progea Movicon SCADA/HMI vulnerability. Movicon Version 11.5.1181 and prior are affected. Successful exploitation of these vulnerabilities could allow privilege escalation or arbitrary code execution. Progea has not provided an update to address these vulnerabilities, however, it has issued a knowledge base article about DLL Hijacking. NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. ICS-CERT.