[Control systems] CISA ICS security advisories (AV25–043)

Serial number: AV25-043
Date: January 27, 2025

Between January 20 and 26, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

  • Hiitachi Energy RTU500 Series CMU Firmware – multiple versions
  • HMS Networks Ewon Flexy 202 – all versions
  • mySCADA myPRO Manager – versions prior to 1.3
  • mySCADA myPRO Runtime – versions prior to 9.2.1
  • Schneider Electric Easergy Studio – versions 9.3.1 and prior
  • Schneider Electric EcoStruxure Power Build Rapsody – multiple versions
  • Schneider Electric EVlink Home Smart – versions prior to 2.0.6.0.0
  • Schneider Electric Charge – versions prior to 1.13.4
  • Siemens SIMATIC S7-1200 CPUs – multiple versions and models
  • Siemens SIPLUS S7-1200 CPUs – multiple versions and models
  • Traffic Alert and Collision Avoidance System (TCAS) II – versions 7.1 and prior
  • ZF Roll Stability Support Plus (RSSPlus) 2M – build dates 01/08 to 01/23

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Date modified: