Serial number: AV24-200
Date: April 15, 2024
Between April 8 and 14, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- Rockwell Automation 5015-AENFTXT – version 35 and versions prior to 2.12.1
- Siemens SIMATIC s7-1500 TM MFP (GNU/Linux subsystem) – all versions
- Siemens SIMATIC PCS 7 V9.1 – versions prior to V9.1 SP2 UC04
- Siemens SIMATIC WinCC Runtime Professional V17 – all versions
- Siemens SIMATIC WinCC Runtime Professional V18 – all versions
- Siemens SIMATIC WinCC Runtime Professional V19 – versions prior to V19 Update 1
- Siemens SIMATIC WinCC V7.5 – versions prior to V7.5 SP2 Update 16
- Siemens SIMATIC WinCC V8.0 – all versions
- Siemens RUGGEDCOM APE1808 – versions with Palo Alto Networks Virtual NGFW prior to V11.0.1
- Siemens RUGGEDCOM APE1808 – multiple versions
- Siemens RUGGEDCOM APE1808 – multiple versions
- Siemens RUGGEDCOM APE1808 – multiple versions
- Siemens SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0) – versions prior to V8.10.0.9
- Siemens SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0) – versions prior to V8.10.0.9
- Siemens SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0) – versions prior to V8.10.0.9
- Siemens Parasolid V35.1 – versions prior to V35.1.254
- Siemens Parasolid V36.0 – versions prior to V36.0.207
- Siemens Parasolid V36.1 – versions prior to V36.1.147
- Siemens SINEC NMS – versions prior to V2.0 SP2
- Siemens TeleControl Server Basic V3 – versions prior to V3.1.2
- SUBNET Solutions PowerSYSTEM Server – version 4.07.00 and prior
- SUBNET Solutions Substation Server 2021 – version 4.07.00 and prior
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.