us-cert

This advisory contains mitigations for Heap-Based Buffer Overflow and Stack-Based Buffer Overflow vulnerabilities in versions of the PTC product, Kepware KEPServerEX, a connectivity platform.

This advisory contains mitigations for a Command Injection vulnerability in versions of the Sensormatic Electronics product, Sensormatic iSTAR Ultra, a network-ready door controller.

This advisory contains mitigations for an Out-of-bounds Write vulnerability in various versions of the FvDesigner software tool.

This advisory contains mitigations for Untrusted Pointer Dereference, Stack-based Buffer Overflow, Use After Free, and Link Following vulnerabilities in Measuresoft ScadaPro Server and Client, a supervisory control and data acquisition (SCADA) system.

This advisory contains mitigations for an Out-of-bounds Write vulnerability in Measuresoft ScadaPro Server, a supervisory control and data acquisition (SCADA) system.

This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in versions of Hitatchi Energy RTU500 firmware.

This advisory contains mitigations for a Command Injection vulnerability in various versions of myPRO HMI and SCADA systems.

This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in various components of ARC Informatique products.

This advisory contains mitigations for an Use of Hard-coded Cryptographic Key vulnerability in various versions of the DIALink Industrial Automation server.

This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update I) that was published August 11, 2022, to the ICS webpage at www.cisa.gov/ics. This advisory contains mitigations for a Use of Insufficiently Random Values vulnerability in versions of Siemens Linux-based products.