The US Cybersecurity and Infrastructure Security Agency (CISA) revealed that 670 vulnerabilities affecting industrial control systems (ICS) and operational technology (OT) products were disclosed in the first half of 2023. The analysis was conducted by industrial asset and network monitoring company SynSaber in collaboration with the ICS Advisory Project. The report highlights that while the number of ICS advisories decreased slightly compared to the first half of 2022, the number of vulnerabilities covered in these advisories dropped by 1.6%. Over 40% of the vulnerabilities impact software, while 26% affect firmware. Critical manufacturing and energy sectors were most likely to be impacted by the disclosed vulnerabilities. Additionally, 34% of reported vulnerabilities don’t have available patches or remediations from the vendor.

Read more: https://www.securityweek.com/670-ics-vulnerabilities-disclosed-by-cisa-in-first-half-of-2023-analysis/