The US Cybersecurity and Infrastructure Security Agency (CISA) published seven advisories this week covering vulnerabilities in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) software from multiple vendors. Some of the flaws are rated critical and two of them already have public exploits.
The impacted products include:
- Scadaflex II controllers made by Industrial Control Links
- Screen Creator Advance 2 and Kostac PLC programming software from JTEKT Electronics
- Korenix JetWave industrial wireless access points and communications gateways
- Hitachi Energy’s MicroSCADA System Data Manager SDM600
mySCADA myPRO software - Rockwell Automation’s FactoryTalk Diagnostics
