I have heard rumors that there are two or three ICS-CERT advisories currently on the US-CERT Secure Portal. ICS-CERT typically releases advisories for high impact vulnerabilities on the Secure Portal first to allow critical infrastructure owners a chance to implement appropriate mitigation measures before those vulnerabilities are released to the public.
Readers of this blog will probably be aware that I do not have access to the Secure Portal. It was graciously offered but I turned it down because I did not want to be put in the position of knowing about advisories like this without being able to write about them.
I would encourage all critical infrastructure facilities with control systems to request access to the US-CERT Secure Portal so that they would have access to advisories like this before they are made public. Instructions on how to apply for access can be found on the bottom of the ICS-CERT main website.