Schneider Electric PowerSCADA Anywhere and Citect Anywhere

Schneider Electric released updates to address multiple high and medium vulnerabilities in its PowerSCADA Anywhere and Citect Anywhere products, applications of Citect SCADA software used by industrial process customers. Successful exploitation of some of the vulnerabilities could allow a threat actor to make state-changing requests and view unauthorized information. The NJCCIC recommends all users and administrators of the affected products review the ICS-CERT Advisory, apply the necessary updates to version 1.1, and implement the recommended mitigations to further harden systems running the affected products.