[Control systems] CISA ICS security advisories (AV24-055)

From: Canadian Centre for Cyber Security

Serial number: AV24-055
Date: January 29, 2024

Between January 22 and 28, 2024, CISA published ICS advisories to address vulnerabilities in the following products:

  • APSystems Energy Communication Unit Power Control Software – multiple versions
  • Crestron AM-300 – version 1.4499.00018
  • Lantronix XPort Device Server Configuration Manager – version 2.0.0.13
  • MachineSense FeverWarn ESP32
  • MachineSense FeverWarn RaspberryPi
  • MachineSense FeverWarn DataHub RaspberryPi
  • Orthanc Osimis WebViewer – version 1.4.2.0-9d9eff4
  • SystemK NVR 504 – version 2.3.5SK.30084998
  • SystemK NVR 508 – version 2.3.5SK.30084998
  • SystemK NVR 516 – version 2.3.5SK.30084998
  • Voltronic Power ViewPower Pro – version 2.0-22165
  • Westermo Lynx – model version L206-F2G1
  • Westermo Lynx – firmware version 4.24

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Beginning January 29, 2024, the Cyber Centre will be publishing a summary of CISA's ICS Advisories from the week before into a single Cyber Centre advisory each week.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: