ICS Patch Tuesday: Advisories Published by Siemens, Rockwell, Mitsubishi Electric

ICS Patch Tuesday: Advisories Published by Siemens, Rockwell, Mitsubishi Electric

May 15, 2024 at 06:36AM

Major industrial control systems providers, including Siemens, Rockwell Automation, Mitsubishi Electric, and Johnson Controls, have issued Patch Tuesday advisories addressing vulnerabilities in their products. Siemens has published 15 advisories, addressing critical vulnerabilities in various products, while Rockwell Automation and Mitsubishi Electric also reported high-severity vulnerabilities. CISA has informed organizations about these advisories. Schneider Electric did not release any new advisories.

From the meeting notes, it is clear that several major industrial control systems (ICS) providers have released advisories regarding vulnerabilities in their products. Siemens has published 15 new advisories, addressing critical vulnerabilities in various applications and systems, while also highlighting the impact of ‘high’ severity flaws on a range of industrial products.

Rockwell Automation has also released advisories regarding high-severity vulnerabilities in FactoryTalk Remote Access and FactoryTalk View SE, while Mitsubishi Electric has informed customers about vulnerabilities affecting various factory automation (FA) engineering software products.

Johnson Controls published an advisory on a security issue in the C•CURE 9000 access control and event management solution, while the US cybersecurity agency CISA has informed organizations about the advisories from Rockwell, Mitsubishi, and Johnson Controls, as well as publishing its own advisory for vulnerabilities found in a substation management product made by Subnet Solutions.

It’s worth noting that Schneider Electric has not released any new advisories this Patch Tuesday.

The meeting notes provide a comprehensive overview of the advisories released by these major ICS providers, highlighting the critical and high-severity vulnerabilities addressed, and the security implications for various industrial products and operational technology solutions.

If you need any further analysis or summaries from these meeting notes, feel free to ask!

Full Article