CISA Releases OT and ICS Advisory - 20240926002 (#1003)

* SolarWinds Releases Patches for Access Rights Manager vulnerabilities - 20240219001

* Format markdown files

* Format markdown files

* Junos OS RCE Vulnerability - 20240226002

* Format markdown files

* Windows Themes Spoofing Vulnerability - 20240308003

* Format markdown files

* Windows Themes Spoofing Vulnerability - 20240308003 - edited

* Akamai Kubernetes Vulnerability - 20240318002

* Format markdown files

* CISA Releases Multiple Critical Infrastructure Related Advisories - 20240327001

* Format markdown files

* PGAdmin Remote Code Execution Vulnerability - 20240408001

* Format markdown files

* Update 20240408001-PGAdmin-Remote-Code-Execution-Vulnerability.md

FIxing tables

* Format markdown files

* Palo Alto Networks PAN-OS Command Injection Vulnerability added to CISA Known Exploited Catalog - 20240415001

* Format markdown files

* Palo Alto Networks PAN-OS Command Injection Vulnerability added to CISA Known Exploited Catalog - 20240415001

* Format markdown files

* Update 20240415001-PaloAlto-Networks-PAN-OS-Command-Injection-Vulnerability-added-to-CISA-Known-Exploited-Catalog.md

Added older versions updates and Zero day notes

* Format markdown files

* Google Chrome Multiple RCE Vulnerabilities - 20240418002

* Format markdown docs

* Remove duplicate 20240415001-PaloAlto

* Update 20240418002-Google-Chrome-Multiple-RCE-Vulnerabilities.md

Reviewed and Approved

* Format markdown docs

* Libreswan Popular VPN Software Vulnerability - 20240419004

* Format markdown docs

* Update 20240419004-Libreswan-Popular-VPN-Software-Vulnerability.md

Fix table

* Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability - 20240422002

* Format markdown docs

* Update 20240422002-Microsoft-Edge-Chromium-based-Security-Feature-Bypass-Vulnerability.md

fix tables

* Windows Kernel Elevation of Privilege Vulnerability - 20240429001

* Format markdown docs

* Update 20240429001-Windows-Kernel-Elevation-of-Privilege-Vulnerability.md

fixing table

* Acrobat Reader Vulnerability - 20240503003

* Format markdown docs

* Google Chrome Arbitrary Code Execution Multiple Vulnerabilities - 20240509001

* Format markdown docs

* Update 20240509001-Google-Chrome-Arbitrary-Code-Execution-Multiple-Vulnerabilities.md

Fix table

* Microsoft Edge (Chromium-based) Spoofing Vulnerability - 20240513003

* Format markdown docs

* Update 20240513003-Microsoft-Edge-Chromium-based-Spoofing-Vulnerability.md

Fix table

* Cacti Command Injection and XSS Vulnerabilities - 20240516004

* Format markdown docs

* Ivanti EPMM Vulnerability - 20240523002

* Format markdown docs

* Ivanti EPMM Vulnerability - 20240523002

* Ivanti EPMM Vulnerability - 20240523002

* Ivanti Endpoint Manager GetRulesetsSQL SQL Injection RCE Vulnerability - 20240527003

* Format markdown docs

* Update 20240527003-Ivanti-Endpoint-Manager-GetRulesetsSQL-SQL-Injection-RCE-Vulnerability.md

Reduce size of title

* WordPress Plugin Vulnerabilities - 20240626003

* Format markdown docs

* GeoServer Urgent Advisory - 20240704002

* Format markdown docs

* Ivanti Releases New Security Advisories - 20240718004

* Format markdown docs

* Apple Releases Multiple Product Updates - 20240731004

* Format markdown docs

* Update 20240731004

* Format markdown docs

* Azure Managed Instance for Apache Cassandra Elevation of Privilege Vulnerability - 20240822002

* Format markdown docs

* Update 20240822002

Renamed page to reduce character count.
Updated observations to include vendor knowledge of exploitation.
Updated recommendation to "48 hours" in alignment with E8 ML1 Patch Management.

* Cisco Publishes Critical Update - 20240906003

* Format markdown docs

* Cisco Publishes Critical Update - 20240906003

* Format markdown docs

* Update 20240906003

Reformatted table to condense same product and versions to a single line with CVEs line separated.

* Format markdown docs

* SolarWinds Critical Update - 20240913001

* Format markdown docs

* SolarWinds Critical Update - 20240913001

* CISA Releases OT and ICS Advisory - 20240926002

* Format markdown docs

* Update 20240926002

Removed hyperlinked secondary article as it is referenced in the CISA Advisory page.

---------

Co-authored-by: GitHub Actions <actions@github.com>
Co-authored-by: Joshua Hitchen (DGov) <86041569+DGovEnterprise@users.noreply.github.com>
Co-authored-by: LSerki <LSerki@users.noreply.github.com>
Co-authored-by: DGovEnterprise <DGovEnterprise@users.noreply.github.com>
Co-authored-by: JadonWill <117053393+JadonWill@users.noreply.github.com>
Co-authored-by: JadonWill <JadonWill@users.noreply.github.com>

docs/advisories/20240926002-CISA-OT-and-ICS-Advisory.md

@@ -0,0 +1,11 @@
+# CISA Releases OT and ICS Security Advisory - 20240926002
+
+## Overview
+
+CISA has issued an advisory urging OT and ICS operators in critical infrastructure sectors to implement recommended measures in response to the ongoing exploitation of internet-accessible operational technology and industrial control systems devices.
+
+## Recommendation
+
+The WA SOC recommends administrators review relevant advisories and apply the recommended actions to all affected devices.
+
+- CISA Advisory: <https://www.cisa.gov/news-events/alerts/2024/09/25/threat-actors-continue-exploit-otics-through-unsophisticated-means>