Number: AV21-610
Date: 3 December 2021
On 2 December 2021 ICS-CERT published ICS Advisories to highlight vulnerabilities in the following products:
- APM Edge – versions 1.0, 2.0 and 3.0
- RTU500 series CMU – multiple firmware versions
- PCM600 Update Manager – multiple versions
- Relion 670/650/SAM600-IO – multiple versions, all revisions
Exploitation of these vulnerabilities may allow for TCP connection hijacking, security bypass, information disclosure, system reboot or a denial of service.
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates, once available.
ICS Advisory (ICSA-21-336-04)
https://us-cert.cisa.gov/ics/advisories/icsa-21-336-04
ICS Advisory (ICSA-21-336-05)
https://us-cert.cisa.gov/ics/advisories/icsa-21-336-05
ICS Advisory (ICSA-21-336-06)
https://us-cert.cisa.gov/ics/advisories/icsa-21-336-06
ICS Advisory (ICSA-21-336-07)
https://us-cert.cisa.gov/ics/advisories/icsa-21-336-07
ICS Advisory (ICSA-21-336-08)
https://us-cert.cisa.gov/ics/advisories/icsa-21-336-08