us-cert

This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in versions of Hitatchi Energy RTU500 firmware.

This advisory contains mitigations for a Command Injection vulnerability in various versions of myPRO HMI and SCADA systems.

This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in various components of ARC Informatique products.

This advisory contains mitigations for an Use of Hard-coded Cryptographic Key vulnerability in various versions of the DIALink Industrial Automation server.

This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update I) that was published August 11, 2022, to the ICS webpage at www.cisa.gov/ics. This advisory contains mitigations for a Use of Insufficiently Random Values vulnerability in versions of Siemens Linux-based products.

This advisory contains mitigations for a Denial of Service vulnerability in CENTUM Controller FCS products.

This advisory contains mitigations for an Inadequate Encryption Strength vulnerability in LS ELECTRIC PLC and XG5000, a PLC programming software.

This advisory contains mitigations for Out-of-bounds Read, Uncontrolled Search Path Element, Improper Authentication, Relative Path Traversal, Cleartext Transmission of Sensitive Information, NULL Pointer Dereference, and Integer Underflow vulnerabilities in various Softing products.

This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Delta Industrial Automation DRAS, a controller software suite.

This advisory contains mitigations for an Unrestricted Upload of File with Dangerous Type vulnerability in Industrial Automation Automation Studio 4, a PLC automation programming software.