CISA Industrial Control Systems Advisories, May 23 - 20230524001

Overview

CISA released four Industrial Control Systems (ICS) advisories on May 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

What is the vulnerability?

• ICSA-23-143-01 Hitachi Energy AFS65x, AFS67x, AFR67x and AFF66x

• ICSA-23-143-02 Hitachi Energy RTU500

• ICSA-23-143-03 Mitsubishi Electric MELSEC Series CPU module

• ICSA-23-143-04 Horner Automation Cscape

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected systems:

• https://www.cisa.gov/news-events/alerts/2023/05/23/cisa-releases-four-industrial-control-systems-advisories

Additional References

• https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-01