Review – 20 Advisories Published – 12-15-22

Yesterday, CISA’s NCCIC-ICS published twenty control system security updates for products from Siemens.

PROFINET Update #1 - This update provides additional information on an advisory that was originally published on October 10^th, 2019 and most recently updated on October 14^th, 2021.

PROFINET Update #2 - This update provides additional information on an advisory that was originally published on April 14^th, 2022 and most recently updated on October 13^th, 2022.

KTK Update - This update provides additional information on an advisory that was originally published on April 14^th, 2020 and most recently updated on June 16^th, 2022.

Industrial Products Update #1 - This update provides additional information on an advisory that was originally published on May 12^th, 2022 and most recently updated on August 11^th, 2022.

Industrial Products Update #2 - This update provides additional information on an advisory that was originally published on August 10^th, 2021 and most recently updated on September 15^th, 2022.

SCALANCE Update - This update provides additional information on an advisory that was originally published on June 12^th, 2018 and most recently updated on January 14^th, 2020.

SIMATIC Update #1 - This update provides additional information on an advisory that was originally published on April 14^th, 2020.

SIMATIC Update #2 - This update provides additional information on an advisory that that was originally published on July 9^th, 2020 and most recently updated on April 14^th, 2022.

Industrial PCs Update - This update provides additional information on an advisory that was originally published on May 12^th, 2022.

OpenSSL Update - This update provides additional information on an advisory that that was originally published on June 16^th, 2022 and most recently updated on October 13^th, 2022.

Web Server Update - This update provides additional information on an advisory that was originally published on November 10^th, 2022.

Teamcenter Update - This update provides additional information on an advisory that originally published on November 10^th, 2022.

Nucleus RTOS Update - This update provides additional information on an advisory that was originally published on October 13^th, 2022.

Mendix Update - This update provides additional information on an advisory that was originally published on September 15^th, 2022 and most recently updated on November 10^th, 2022.

SCALANCE Update #1 - This update provides additional information on an advisory that was originally published on October 13^th, 2022 and most recently updated on November 10^th, 2022.

SCALANCE Update #2 - This update provides additional information on an advisory that was originally published on February 11^th, 2020 and most recently updated on April 13^th, 2022.

SCALANCE Update #3 - This update provides additional information on an advisory that was originally published on January 14^th, 2020 and most recently updated on February 11^th, 2022.

SCALANCE Update #4 - This update provides additional information on an advisory that originally published on January 12^th, 2021 and most recently updated on February 9^th, 2021.

SICAM Update - This update provides additional information on an advisory that was originally published on October14th, 2022.

RUGGEDCOM Update - This update provides additional information on an advisory that was originally published on March 10^th, 2022 and most recently updated on November 10^th, 2022.

 

For more details on these updates, including brief summary of changes made, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/20-advisories-published-12-15-22 - subscription required.