Serial number: AV24-150
Date: March 18, 2024
Between March 11 and 17, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- Delta Electronics DIAEnergie – versions prior to 1.10.00.005
- Mitsubishi Electric MELSEC-L Series – all versions
- Mitsubishi Electric MELSEC-Q Series – multiple versions and models
- Schneider EcoStruxure Power Design Ecodial – multiple versions and platforms
- Siemens Cerberus PRO – multiple versions and platforms
- Siemens RUGGEDCOM APE1808 with Fortinet NGFW – all versions
- Siemens SCALANCE – multiple versions and platforms
- Siemens SENTRON 3KC ATC6 Expansion Module Ethernet – all versions
- Siemens SENTRON 7KM PAC3x20 – multiple versions and platforms
- Siemens SIMATIC RF160B – versions prior to 2.2
- Siemens SINEMA Remote Connect Client – versions prior to 3.1 SP1
- Siemens SINEMA Remote Connect Server – versions prior to 3.2
- Siemens Siveillance Control – versions 2.8 to versions prior to 3.1.1
- Siemens Sinteso – multiple versions and platforms
- Siemens Solid Edge – versions prior to 223.0.11
- Softing edgeConnector – version 3.60
- Softing edgeAggregator – version 3.60
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.