Posts for category: ICS Weekly Executive Summaries

General Electric MiCOM S1 Agile Vulnerability

Executive summary On Tuesday, November 07, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released an industrial control system advisory  (ICSA-23-311-01) regarding a ...

Ashlar-Vellum Cobalt, Graphite, Xenon, Argon, and Lithium Vulnerability

Executive Summary On Thursday, October 26, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released an industrial control system advisory (ICSA-23-299-03) regarding two ...

Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Vulnerabilities

Executive Summary On Thursday, October 05, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released an industrial control system advisory (ICSA-23-278-01) highlighting an ...

Mitsubishi Electric FA Engineering Software: GX Works3 Vulnerabilities

Executive Summary On Tuesday, September 26, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released an industrial control system advisory (ICSA-23-269-03) regarding ...

Omron’s NJ/NX-Series Machine Automation Controllers Vulnerabilities

Executive Summary On April 13, 2022, the Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of ...

Dataprobe’s iBoot-Power Distribution Unit (PDU) Vulnerabilities

Executive Summary On Tuesday, September 20, 2022, Cybersecurity and Infrastructure Security Agency (CISA) released an industrial control system advisory (ICSA-22-263-03) regarding seven serious ...

ICS Best Practice Resources

Executive Summary Cyber attackers and online criminal gangs have disrupted corporations and critical infrastructure globally through cyberterrorism for over 20 years. Today, they are utilizing ...

OT:ICEFALL – Forescout’s Vedere Labs Identifies 56 Vulnerabilities Impacting OT Devices

Executive Summary Vedere Labs researchers released a report, in June of 2022, concerning 56 new vulnerabilities in 26 models of ten different operational technology (OT) manufacturers' devices. ...

INFRA:HALT – New NicheStack Vulnerabilities Affecting Critical OT Devices

Executive Summary NicheStack is a proprietary Internet Protocol version 4 (IPv4) network layer that is used in embedded operating systems in industrial control devices (ICS) [7]. It allows for ...

Hikvision: Chinese Surveillance Camera Vulnerability Exposes Zero-Click Network Compromise

Executive Summary A critical vulnerability has been found in the firmware of surveillance devices manufactured by Hikvision, a Chinese based tech company. The vulnerability can be exploited ...