CISA Issues 18 Advisories on Industrial Control Systems Vulnerabilities

CISA released 18 Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. 

•  ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series
• ICSA-25-317-02 AVEVA Application Server Immutable Deployment Environment (IDE)
• ICSA-25-317-03 AVEVA Edge
• ICSA-25-317-04 Brightpick Mission Control / Internal Logic Control
• ICSA-25-317-05 Rockwell Automation Verve Asset Manager
• ICSA-25-317-06 Rockwell Automation Studio 5000 Simulation Interface
• ICSA-25-317-07 Rockwell Automation FactoryTalk DataMosaix Private Cloud
• ICSA-25-317-08 General Industrial Controls Lynx+ Gateway
• ICSA-25-317-09 Rockwell Automation FactoryTalk Policy Manager
• ICSA-25-317-10 Rockwell Automation AADvance-Trusted Sovereign Infrastructure Standard (SIS) Workstation
• ICSA-25-317-11 Siemens SICAM P850 family and SICAM P855 family
• ICSA-25-317-12 Siemens Spectrum Power 4
• ICSA-25-317-13 Siemens LOGO! 8 BM Devices
• ICSA-25-317-14 Siemens Solid Edge
• ICSA-25-317-15 Siemens COMOS
• ICSA-25-317-16 Siemens Altair Grid Engine
• ICSA-25-317-17 Siemens Software Center and Solid Edge
• ICSA-25-273-04 Festo Controller CECC-S,-LK,-D Family Firmware (Update A) 

CISA encourages users and administrators to review newly released ICS Advisories for technical details and mitigations.