Security
Headlines

Source

us-cert

Measuresoft ScadaPro Server and Client

This advisory contains mitigations for Untrusted Pointer Dereference, Stack-based Buffer Overflow, Use After Free, and Link Following vulnerabilities in Measuresoft ScadaPro Server and Client, a supervisory control and data acquisition (SCADA) system.

Measuresoft ScadaPro Server

This advisory contains mitigations for an Out-of-bounds Write vulnerability in Measuresoft ScadaPro Server, a supervisory control and data acquisition (SCADA) system.

Hitachi Energy RTU500

This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in versions of Hitachi Energy RTU500 firmware.

mySCADA myPRO

This advisory contains mitigations for a Command Injection vulnerability in various versions of myPRO HMI and SCADA systems.

ARC Informatique PcVue

This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in various components of ARC Informatique products.

Delta Industrial Automation DIALink

This advisory contains mitigations for a Use of Hard-coded Cryptographic Key vulnerability in various versions of the DIALink Industrial Automation server.

Siemens Linux-based Products (Update J)

This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update I) that was published August 11, 2022, to the ICS webpage at www.cisa.gov/ics. This advisory contains mitigations for a Use of Insufficiently Random Values vulnerability in versions of Siemens Linux-based products.

Yokogawa CENTUM Controller FCS

This advisory contains mitigations for a Denial of Service vulnerability in CENTUM Controller FCS products.

LS ELECTRIC PLC and XG5000

This advisory contains mitigations for an Inadequate Encryption Strength vulnerability in LS ELECTRIC PLC and XG5000, a PLC programming software.

Softing Secure Integration Server

This advisory contains mitigations for Out-of-bounds Read, Uncontrolled Search Path Element, Improper Authentication, Relative Path Traversal, Cleartext Transmission of Sensitive Information, NULL Pointer Dereference, and Integer Underflow vulnerabilities in various Softing products.