Serial number: AV24-537
Date: September 23, 2024
Between September 16 and 22, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- Kastle Systems Access Control System – firmware prior to May 1, 2024
- IDEC FC6A Series MICROSmart All-in-One CPU module – version 2.60 and prior
- IDEC FC6B Series MICROSmart All-in-One CPU module – version 2.60 and prior
- IDEC FC6A Series MICROSmart Plus CPU module – version 2.40 and prior
- IDEC FC6B Series MICROSmart Plus CPU module – version 2.60 and prior
- IDEC FT1A Series SmartAXIS Pro/Lite – version 2.41 and prior
- IDEC WindLDR – version 9.1.0 and prior
- IDEC WindO/I-NV4 – version 3.0.1 and prior
- MegaSys Computer Tech Telenium Online Web Application – version 8.3 and prior
- Millbeck Communications Proroute H685t-w – version 3.2.334
- Rockwell Automation RSLogix 500 – all versions
- Rockwell Automation RSLogix Micro Developer and starter – all versions
- Rockwell Automation RSLogix 5 – all versions
- Siemens SIMATIC S7-200 SMART CPU – multiple models and versions
- Yokogawa Dual-redundant Platform for Computer (PC2CKM) – versions R1.01.00 to R2.03.00
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.