The Cybersecurity and Infrastructure Security Agency recently offered the following security updates addressing vulnerabilities in multiple products. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.
Users and administrators are encouraged to review the following for technical details and mitigations, and to apply the necessary updates:
- Microsoft Security Update Guide for June
- Fortinet has released security updates to address a vulnerability in FortiOS - FG-IR-23-460: Multiple Buffer Overflows in Diag Npu Command
- ICSA-24-163-01 Rockwell Automation ControlLogix, GuardLogix, and CompactLogix
- ICSA-24-163-02 AVEVA PI Web API
- ICSA-24-163-03 AVEVA PI Asset Framework Client
- ICSA-24-163-04 Intrado 911 Emergency Gateway
- ICSA-23-108-02 Schneider Electric APC Easy UPS Online Monitoring Software (Update A)
- ICSMA-24-163-01 MicroDicom DICOM Viewer
- ICSA-24-158-01 Emerson PACSystem and Fanuc
- ICSA-24-158-02 Emerson Ovation
- ICSA-24-158-03 Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch
- ICSA-24-158-04 Johnson Controls Software House iStar Pro Door Controller