CISA releases 5 Industrial Control Systems Advisories
Cybersecurity and Infrastructure Security Agency sent this bulletin at 08/18/2022 12:40 PM EDTYou are subscribed to Industrial Control Systems (ICS) Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.
Siemens Linux-based Products (Update J)
This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update I) that was published August 11, 2022, to the ICS webpage at www.cisa.gov/ics. This advisory contains mitigations for a Use of Insufficiently Random Values vulnerability in versions of Siemens Linux-based products.
Siemens Industrial Products LLDP (Update D)
This updated advisory is a follow-up to the original advisory titled ICSA-21-194-07 Siemens Industrial Products LLDP (Update C) that was published August 11, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Classic Buffer Overflow and Uncontrolled Resource Consumption vulnerabilities in various Siemens industrial products.
Siemens OpenSSL Affected Industrial Products (Update B)
This updated advisory is a follow-up to the original advisory titled ICSA-22-167-14 Siemens OpenSSL Affected Industrial Products (Update A) that was published July 14, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for an Infinite Loop vulnerability in various Siemens Industrial products.
Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update A)
This updated advisory is a follow-up to the advisory titled ICSA-22-221-01 Mitsubishi Electric MELSEC Q and L Series that was published June 21, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for an Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R, Q, L and MELIPC series products.
Mitsubishi Electric Multiple Factory Automation Products (Update A)
This updated advisory is a follow-up to the advisory update titled ICSA-22-221-01 Mitsubishi Electric GT SoftGOT2000 that was published August 9, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigation for Infinite Loop and OS Command Injection vulnerabilities in various Mitsubishi Electric factory automation products.