CISA releases 7 Industrial Control Systems Advisories
Cybersecurity and Infrastructure Security Agency sent this bulletin at 08/23/2022 01:25 PM EDT
You are subscribed to Industrial Control Systems (ICS) Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.
ARC Informatique PcVue
This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in various components of ARC Informatique products.
Delta Industrial Automation DIALink
This advisory contains mitigations for an Use of Hard-coded Cryptographic Key vulnerability in various versions of the DIALink Industrial Automation server.
myScada Pro
This advisory contains mitigations for a Command Injection vulnerability in various versions of myPRO HMI and SCADA systems.
Measuresoft ScadaPro Server
This advisory contains mitigations for an Out-of-bounds Write vulnerability in Measuresoft ScadaPro Server, a supervisory control and data acquisition (SCADA) system.
Measuresoft ScadaPro Server and Client
This advisory contains mitigations for Untrusted Pointer Dereference, Stack-based Buffer Overflow, Use After Free, and Link Following vulnerabilities in Measuresoft ScadaPro Server and Client, a supervisory control and data acquisition (SCADA) system.
Hitachi Energy RTU500
This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in versions of Hitatchi Energy RTU500 firmware.
Illumina Local Run Manager (Update A)
This updated advisory is a follow-up to the original advisory titled ICSA-22-153-02 Illumina Local Run Manager that was published June 22, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, and Cleartext Transmission of Sensitive Information vulnerabilities in Illumina devices using Local Run Manager software.