Serial number: AV24-678
Date: November 25, 2024
Between Novembre 18 and Novembre 24, 2024, CISA published ICS advisories to address vulnerabilities in the following products:
- Automated Logic Carrier i-Vu – version 7.0
- Automated Logic SiteScan Web – version 7.0
- Automated Logic WebCTRL Server – version 7.0
- Automated Logic WebCTRL for OEMs – version 7.0
- Mitsubishi Electric MELSEC iQ-F Series – multiple versions and models
- mySCADA myPRO Manager – versions prior to 1.3
- mySCADA myPRO Runtime – versions prior to 9.2.1
- OSCAT CODESYS Basic Library – version 3.3.5.0
- OSCAT oscat.de OSCAT Basic Library – version 3.3.5 and prior
- OSCAT oscat.de OSCAT Basic Library – version 335 and prior
- Schneider Electric EcoStruxure IT Gateway – multiple versions
- Schneider Electric Modicon M340 CPU (part numbers BMXP34*) – all versions
- Schneider Electric Modicon MC80 (part numbers BMKC80) – all versions
- Schneider Electric Modicon Momentum Unity M1E Processor (171CBU*) – all versions
- Schneider Electric PowerLogic PM5320 – version 2.3.8 and prior
- Schneider Electric PowerLogic PM5340 – version 2.3.8 and prior
- Schneider Electric PowerLogic PM5341 – version 2.6.6 and prior
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.