Serial number: AV24-055
Date: January 29, 2024
Between January 22 and 28, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- APSystems Energy Communication Unit Power Control Software – multiple versions
- Crestron AM-300 – version 1.4499.00018
- Lantronix XPort Device Server Configuration Manager – version 2.0.0.13
- MachineSense FeverWarn ESP32
- MachineSense FeverWarn RaspberryPi
- MachineSense FeverWarn DataHub RaspberryPi
- Orthanc Osimis WebViewer – version 1.4.2.0-9d9eff4
- SystemK NVR 504 – version 2.3.5SK.30084998
- SystemK NVR 508 – version 2.3.5SK.30084998
- SystemK NVR 516 – version 2.3.5SK.30084998
- Voltronic Power ViewPower Pro – version 2.0-22165
- Westermo Lynx – model version L206-F2G1
- Westermo Lynx – firmware version 4.24
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.
Beginning January 29, 2024, the Cyber Centre will be publishing a summary of CISA's ICS Advisories from the week before into a single Cyber Centre advisory each week.