Summary: CISA has issued two critical advisories regarding vulnerabilities in Industrial Control Systems (ICS) that could severely affect critical infrastructure. The advisories target Rockwell Automation Lifecycle Services and Hitachi Energy’s MicroSCADA Pro/X SYS600, both indicating significant security risks that require immediate attention and mitigation. Organizations are urged to implement defensive measures to protect their systems from potential exploitation.
Affected: Rockwell Automation, Hitachi Energy
Keypoints :
- Advisory ICSA-25-091-01 details a severe vulnerability in Rockwell Automation’s systems with a CVSS v4 score of 9.4, allowing remote code execution.
- Advisory ICSA-24-331-04 highlights critical flaws in Hitachi Energy’s MicroSCADA Pro/X SYS600, with the most severe vulnerability, CVE-2024-4872, assigned a CVSS v3 score of 9.9.
- CISA recommends immediate mitigations, including minimizing network exposure, using secure access methods, and applying patches released by the affected vendors.
Source: https://thecyberexpress.com/industrial-control-systems-vulnerabilities-2/