[Control systems] CISA ICS security advisories (AV24–716)

Serial number: AV24-716
Date: December 16, 2024

Between December 9 and 15, 2024, CISA published ICS advisories to address vulnerabilities in the following products:

  • Horner Automation Cscape – versions 10.0.363.1 and prior
  • MOBATIME Network Master Clock - DTS 4801 – FW version 00020419.01.02020154
  • National Instruments LabVIEW 2024 – versions Q3 (24.3f0) and prior
  • National Instruments LabVIEW 2023 – all versions
  • National Instruments LabVIEW 2022 – all versions
  • National Instruments LabVIEW 2021 and prior – all versions
  • Rockwell Automation Arena – versions prior to V16.20.06
  • Schneider Electric EcoStruxure Foxboro DCS Core Control Services – versions 9.8 and prior
  • Schneider Electric FoxRTU Station – versions prior to 9.3.0
  • Siemens COMOS V10.4.4.1 – versions prior to V10.4.4.1.21
  • Siemens COMOS V10.4.4 – versions prior to V10.4.4.2
  • Siemens COMOS V10.4.3 – versions prior to V10.4.3.0.47
  • Siemens COMOS V10.4.2 – all versions
  • Siemens COMOS V10.4.1 – all versions
  • Siemens COMOS V10.4.0 – all versions
  • Siemens COMOS V10.3 – versions prior to V10.3.3.5.8
  • Siemens CPCI85 Central Processing/Communication – versions prior to V05.30
  • Siemens Parasolid V37.1 – versions prior to V37.1.109
  • Siemens Parasolid V37.0 – versions prior to V37.0.173
  • Siemens Parasolid V36.1 – versions prior to V36.1.225
  • Siemens RUGGEDCOM ROX II – versions prior to V2.16.0, multiple platforms
  • Siemens SENTRON PowerCenter 1000 (7KN1110-0MC00) – all versions
  • Siemens SENTRON Powercenter 1100 (7KN1111-0MC00) – all versions
  • Siemens Simcenter Femap V2406 – all versions
  • Siemens Simcenter Femap V2401 – all versions
  • Siemens Simcenter Femap V2306 – all versions
  • Siemens SIMATIC, SIMOCODE, SIMOTION, SINAMICS, SIRIUS and TIA Portal Cloud Engineering Platforms – multiple versions and platforms
  • Siemens Solid Edge SE2024 – versions prior to V224.0
  • Siemens Teamcenter Visualization V2406 – versions prior to V2406.0005
  • Siemens Teamcenter Visualization V2312 – versions prior to V2312.0008
  • Siemens Teamcenter Visualization V14.3 – versions prior to V14.3.0.12
  • Siemens Teamcenter Visualization V14.2 – versions prior to V14.2.0.14

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: