Serial number: AV24-283
Date: May 21, 2024
Between May 13 and 19, CISA published ICS advisories to address vulnerabilities in the following products:
- Johnson Controls Software House C-CURE 9000 – version 3.00.2
- Mitsubishi Electric Multiple FA Engineering Software Products – multiple versions and platforms
- Rockwell Automation FactoryTalk Remote Access – version 13.5.0.174 and prior
- Rockwell Automation FactoryTalk View SE – versions prior to 14.0
- Siemens Cerberus PRO UL – multiple versions and platforms
- Siemens Desigo Fire Safety UL – multiple versions and platforms
- Siemens JT2Go – versions prior to 2312.0001
- Siemens Parasolid – multiple versions and platforms
- Siemens Polarion ALM – versions prior to 2404.0
- Siemens PS/IGES Parasolid Translator Component – versions prior to 27.1.215
- Siemens RUGGEDCOM APE1808LNX CC (6GK60150AL20-0GH1) – all versions
- Siemens RUGGEDCOM APE1808LNX (6GK6015-0AL200GH0) – all versions
- Siemens RUGGEDCOM CROSSBOW – versions prior to 5.5
- Siemens SICAM – multiple versions and platforms
- Siemens SIMATIC CN 4100 – versions prior to 3.0
- Siemens SIMATIC RTLS Locating Manager – multiple platforms, versions prior to V3.0.1.1
- Siemens Simcenter Nastran – multiple versions and platforms
- Siemens Solid Edge – multiple versions and platforms
- Siemens Teamcenter Visualization – multiple versions and platforms
- SUBNET PowerSYSTEM Center – version 19 and prior
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.