Serial number: AV24-523
Date: September 16, 2024
Between September 9 and 15, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- AutomationDirect DirectLogic H2-DM1E - version 2.8.0 and prior
- BPL Medical Technologies Be Well Android Application - version 3.64 and prior
- BPL Medical Technologies PWS-01-BT - all versions
- iniNet Solutions GmbH SpiderControl SCADA Web Server - version v2.09 and prior
- Rockwell Automation 5015-U8IHFT - version 1.012 and prior
- Rockwell Automation 1756-EN4 - version 2.001
- Rockwell Automation AADvance Trusted SIS Workstation - version 2.00.01 and prior
- Rockwell Automation CompactLogix 5380 - version v.32.011
- Rockwell Automation CompactLogix 5380 Process - version v.33.011
- Rockwell Automation Compact GuardLogix 5380 SIL 2 - version v.32.013
- Rockwell Automation Compact GuardLogix 5380 SIL 3 - version v.32.011
- Rockwell Automation CompactLogix 5480 - version v.32.011
- Rockwell Automation ControlLogix 5580 - version v.32.011
- Rockwell Automation ControlLogix 5580 Process - version v.33.011
- Rockwell Automation GuardLogix 5580 - version v.32.011
- Rockwell Automation Embedded Edge Compute Module - version 4.0.0.347
- Rockwell Automation FactoryTalk Batch View - version 2.01.00 and prior
- Rockwell Automation FactoryTalk View Site Edition - versions V12.0, V13.0 and V14.0
- Rockwell Automation 2800C OptixPanel Compact - version 4.0.0.325
- Rockwell Automation 2800S OptixPanel Standard - version 4.0.0.350
- Rockwell Automation Pavilion8 - versions prior to V5.20
- Rockwell Automation SequenceManager - versions prior to 2.0
- Rockwell Automation ThinManager - multiple versions
- Siemens AI Model Deployer - versions prior to V1.1
- Siemens Automation License Manager V5 – All versions
- Siemens Automation License Manager V6.0 – all versions
- Siemens Automation License Manager V6.2 - versions prior to V6.2 Upd3
- Siemens Data Flow Monitoring Industrial Edge Device User Interface (DFM IED UI) - versions prior to V0.0.6
- Siemens Industrial Edge Management OS (IEM-OS) - all versions
- Siemens Industrial Edge Management Pro - versions prior to V1.9.5
- Siemens Industrial Edge Management Virtual - versions prior to V2.3.1-1
- Siemens LiveTwin Industrial Edge app (6AV2170-0BL00-0AA0) - versions prior to V2.4
- Siemens Mendix Runtime V8 - multiple versions
- Siemens Mendix Runtime V9 - multiple versions
- Siemens Mendix Runtime V10 - multiple versions
- Siemens Mendix Runtime V10.6 - multiple versions
- Siemens Mendix Runtime V10.12 - multiple versions
- Siemens Plant Simulation V2302 - versions prior to V2302.0015
- Siemens Plant Simulation V2404 - versions prior to V2404.0004
- Siemens SCALANCE W700 – multiple products and versions
- Siemens SICAM A8000 Device Firmware ETI5 Ethernet Int. 1x100TX IEC61850 - versions prior to V05.30
- Siemens SICAM EGS Device Firmware ETI5 - versions prior to V05.30
- Siemens SICAM 8 Software Solution ETI5 - versions prior to V05.30
- Siemens SICAM SCC - versions prior to V10.0
- Siemens SIMATIC BATCH V9.1 - all versions
- Siemens SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) - versions prior to V3.5.20
- Siemens SIMATIC CP 1243-1 (incl. SIPLUS variants) - versions prior to V3.5.20
- Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) - versions prior to V3.5.20
- Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) - versions prior to V3.5.20
- Siemens SIMATIC CP 1243-7 LTE - versions prior to V3.5.20
- Siemens SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) - versions prior to V3.5.20
- Siemens SIMATIC HMI Comfort Panels (incl. SIPLUS variants) - all versions
- Siemens SIMATIC IPC DiagBase - all versions
- Siemens SIMATIC IPC DiagMonitor - all versions
- Siemens SIMATIC Information Server 2020 - all versions
- Siemens SIMATIC Information Server 2022 - all versions
- Siemens SIMATIC Information Server 2024 - all versions
- Siemens SIMATIC PCS 7 V9.1 - all versions
- Siemens SIMATIC PCS neo V4.0 - all versions
- Siemens SIMATIC PCS neo V4.1 - versions prior to V4.1 Update 2
- Siemens SIMATIC PCS neo V5.0 - all versions
- Siemens SIMATIC Process Historian 2020 - all versions
- Siemens SIMATIC Process Historian 2022 - all versions
- Siemens SIMATIC RFID Readers - multiple products and versions
- Siemens SIMATIC WinCC Runtime Professional V17 - all versions
- Siemens SIMATIC WinCC Runtime Professional V18 - all versions
- Siemens SIMATIC WinCC Runtime Professional V19 - all versions
- Siemens SIMATIC WinCC Runtime Professional V20 - all versions
- Siemens SIMATIC WinCC V7.4 - all versions
- Siemens SIMATIC WinCC V7.5 - all versions
- Siemens SIMATIC WinCC V8.0 - all versions
- Siemens SIMATIC WinCC Runtime Advanced - all versions
- Siemens SINEC NMS - all versions
- Siemens SINEMA Remote Connect Client - versions prior to V3.2 SP2
- Siemens SINEMA Remote Connect Server - versions prior to V3.2 SP2
- Siemens SINUMERIK 828D V4 - multiple versions
- Siemens SINUMERIK 828D V5 - versions prior to V5.24
- Siemens SINUMERIK 840D sl V4 - multiple versions
- Siemens SINUMERIK ONE - multiple versions
- Siemens SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) - versions prior to V2.4.8
- Siemens SITIPE AT - all versions
- Siemens TIA Administrator - versions prior to V3.0 SP3
- Siemens TIM 1531 IRC (6GK7543-1MX00-0XE0) - versions prior to V2.4.8
- Siemens Totally Integrated Automation Portal (TIA Portal) V16 - all versions
- Siemens Totally Integrated Automation Portal (TIA Portal) V17 - versions prior to V17 Update 8
- Siemens Totally Integrated Automation Portal (TIA Portal) V18 - all versions
- Siemens Totally Integrated Automation Portal (TIA Portal) V19 - all versions
- Viessmann Climate Solutions SE Viessmann Vitogate 300 - version 2.1.3.0 and prior
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.