Juniper Networks Releases Security Updates for Multiple Products
Original release date: January 12, 2023Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases Twelve Industrial Control Systems Advisories
Original release date: January 12, 2023CISA released twelve Industrial Control Systems (ICS) advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:
ICSA-23-012-01 Sewio RTLS Studio
ICSA-23-012-02 RONDS Equipment Predictive Maintenance Solution
ICSA-23-012-03 InHand Networks Device Manager
ICSA-23-012-04 Panasonic Sanyo CCTV Network Camera
ICSA-23-012-05 SAUTER Controls Nova 200 – 220 Series (PLC 6)
ICSA-23-012-06 Johnson Controls Metasys
ICSA-22-012-07 Hitachi Energy Lumada APM
ICSA-23-012-08 Siemens S7-1500 CPU devices
ICSA-23-012-09 Siemens Mendix SAML Module
ICSA-23-012-10 Siemens Automation License Manager
ICSA-23-012-11 Siemens Solid Edge before V2023 MP1
ICSMA-21-322-02 Philips Patient Information Center iX (PIC iX) and Efficia CM Series (Update A)
This product is provided subject to this Notification and this Privacy & Use policy.
Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms
Original release date: January 12, 2023Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms.
CISA encourages users and administrators to review Drupal’s security advisory SA-CONTRIB-2023-001 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.