us-cert

This advisory contains mitigations for Authentication Bypass and Use of a Broken or Risky Cryptographic Algorithm vulnerabilities in Honeywell Saia Burgess PG5 PCD, a PLC.

This advisory contains mitigations for Insufficient Verification of Data Authenticity, Missing Authentication for Critical Function, and Use of Hard-coded Credentials vulnerabilities in Honeywell Safety Manager, a safety solution of the Experion Process Knowledge System.

This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in versions of Inductive Automation Ignition software.

This advisory contains mitigations for an Cleartext Transmission of Sensitive Information vulnerability in AutomationDirect products.

This advisory contains mitigations for an Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read vulnerabilities in the SCADA products.

This updated advisory is a follow-up to the original advisory titled Rockwell Automation ISaGRAF that was published March 29, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Rockwell Automation ISaGRAF software products.

This advisory contains mitigations for a Missing Authentication for Critical Function vulnerability in the ISaGRAF Workbench.

This advisory contains mitigations for an Missing Authentication for Critical Function vulnerability in the Metasys ADS, ADX, OAS.

This advisory contains mitigations for an Improper Privilege Management vulnerabilities in the ABB products.

This advisory contains mitigations for Use of Hard-coded Credentials, Improper Authentication, Cross-site Scripting, and Authorization Bypass Through User-controlled Key vulnerabilities in the MiCODUS MV720 GPS tracker.