CISA Industrial Control Systems Advisories - 20230512001

Overview

CISA released fifteen Industrial Control Systems (ICS) advisories on May 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

What is the vulnerability?

• ICSA-23-131-01 Siemens Solid Edge

• ICSA-23-131-02 Siemens SCALANCE W1750D

• ICSA-23-131-03 Siemens Siveillance

• ICSA-23-131-04 Siemens SIMATIC Cloud Connect 7

• ICSA-23-131-05 Siemens SINEC NMS Third-Party

• ICSA-23-131-06 Siemens SCALANCE LPE9403

• ICSA-23-131-07 Sierra Wireless AirVantage

• ICSA-23-131-08 Teltonika Remote Management System and RUT Model Routers

• ICSA-23-131-09 Rockwell Automation Kinetix 5500 EtherNetIP Servo Drive

• ICSA-23-131-10 Rockwell Automation Arena Simulation Software

• ICSA-23-131-11 BirdDog Cameras & Encoders

• ICSA-23-131-12 SDG PnPSCADA

• ICSA-23-131-13 PTC Vuforia Studio

• ICSA-23-131-14 Rockwell PanelView 800

• ICSA-23-131-15 Rockwell ThinManager

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected systems:

• https://www.cisa.gov/news-events/alerts/2023/05/11/cisa-releases-fifteen-industrial-control-systems-advisories

Additional References

• https://www.cisa.gov/news-events/alerts/2023/05/11/cisa-releases-fifteen-industrial-control-systems-advisories