CISA releases 5 Industrial Control Systems Advisories

Cybersecurity and Infrastructure Security Agency sent this bulletin at 08/18/2022 12:40 PM EDT

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

You are subscribed to Industrial Control Systems (ICS) Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.

8/18/2022 12:30 PM EDT

ICS-CERT released the following 5 advisories today, August 18, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities.

Siemens Linux-based Products (Update J)

This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update I) that was published August 11, 2022, to the ICS webpage at www.cisa.gov/ics. This advisory contains mitigations for a Use of Insufficiently Random Values vulnerability in versions of Siemens Linux-based products.

Siemens Industrial Products LLDP (Update D)

This updated advisory is a follow-up to the original advisory titled ICSA-21-194-07 Siemens Industrial Products LLDP (Update C) that was published August 11, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Classic Buffer Overflow and Uncontrolled Resource Consumption vulnerabilities in various Siemens industrial products.

Siemens OpenSSL Affected Industrial Products (Update B)

This updated advisory is a follow-up to the original advisory titled ICSA-22-167-14 Siemens OpenSSL Affected Industrial Products (Update A) that was published July 14, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for an Infinite Loop vulnerability in various Siemens Industrial products.

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update A)

This updated advisory is a follow-up to the advisory titled ICSA-22-221-01 Mitsubishi Electric MELSEC Q and L Series that was published June 21, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for an Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R, Q, L and MELIPC series products.

Mitsubishi Electric Multiple Factory Automation Products (Update A)

This updated advisory is a follow-up to the advisory update titled ICSA-22-221-01 Mitsubishi Electric GT SoftGOT2000 that was published August 9, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigation for Infinite Loop and OS Command Injection vulnerabilities in various Mitsubishi Electric factory automation products.

Having trouble viewing this message? View it as a webpage.

You are subscribed to updates from the Cybersecurity and Infrastructure Security Agency (CISA)
Manage Subscriptions | Privacy Policy | Help

Connect with CISA:
Facebook | Twitter | Instagram | LinkedIn | YouTube