Serial number: AV24-097
Date: February 19, 2024
Between February 12 and 18, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- Mitsubishi Electric MELSEC iQ-R Series – multiple versions and models
- Siemens SCALANCE W1750D – multiple versions and models
- Siemens SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) – all versions
- Siemens SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) – all versions
- Siemens SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) – all versions
- Siemens SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) – all versions
- Siemens SIDIS Prime – versions prior to V4.0.400
- Siemens SIMATIC RTLS Gateway – multiple versions and models
- Rockwell Automation FactoryTalk Service Platform – versions prior to v2.74
- Siemens Location Intelligence – multiple versions and models
- Siemens Parasolid – multiple versions
- Siemens Polarion ALM – all versions
- Siemens RUGGEDCOM APE1808 – versions prior to 23.3.0
- Siemens SCALANCE SC-600 Family – multiple versions and models
- Siemens SCALANCE XCM-/XRM-300 – multiple versions and models
- Siemens OpenPCS – all versions
- Siemens SIMATIC BATCH V9.1 – all versions
- Siemens SIMATIC PCS 7 V9.1 – all versions
- Siemens SIMATIC Route Control V9.1 – all versions
- Siemens SIMATIC WinCC – multiple versions and models
- Siemens Simcenter Femap – multiple versions
- Siemens SINEC NMS – versions prior to V2.0 SP1
- Siemens Tecnomatix Plant Simulation – multiple versions and models
- Siemens Unicam FX – all versions
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.