CISA releases 6 Industrial Control Systems Advisories

Cybersecurity and Infrastructure Security Agency sent this bulletin at 06/21/2022 01:54 PM EDT

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

You are subscribed to no topic for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.

CISA releases 6 Industrial Control Systems Advisories
6/21/2022 1:54 PM EDT
ICS-CERT released the following 6 advisories today, June 21, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities.

Mitsubishi Electric MELSEC Q and L Series

This advisory contains mitigations for an Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC Q and L Series CPUs.

JTEKT TOYOPUC

This advisory contains mitigations for a Missing Authentication for Critical Function vulnerability in the JTEKT TOYOPUC programmable logic controller.

Phoenix Contact Classic Line Controllers

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerability in the Phoenix Contact Classic Line Controllers.

Phoenix Contact ProConOS and MULTIPROG

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerability in the Phoenix Contact ProConOS and MULTIPROG software development kit.

Phoenix Contact Classic Line Industrial Controllers

This advisory contains mitigations for a Missing Authentication for Critical Function Insufficient Verification of Data Authenticity vulnerability in the Phoenix Contact Classic Line Industrial Controllers.

Siemens WinCC OA

This advisory contains mitigations for a Use of Client-side Authentication vulnerability in the Siemens SIMATIC WinCC OA software management platform.