SECURITY UPDATES

ICONICS is committed to providing high-quality, secure products to its customers. To that end, ICONICS recommends that users of the ICONICS Suite, GENESIS64, Hyper Historian, AnalytiX, GENESIS32, BizViz, OPC Servers, or other ICONICS products take the following steps to mitigate security risks:

  • Use a firewall. Consider using a Web Application Firewall (WAF).  Place control system networks and devices behind firewalls and isolate them from the business network.
  • Restrict access to all TCP ports, such as port 38080 and 6002. If remote access is required, utilize secure methods such as Virtual Private Networks (VPNs).
  • Minimize network exposure for all control system devices. Control system devices should not directly face the Internet.
  • Minimize the attack surface by turning off services and point managers which you are not going to use in the project.
  • If you are not running the latest version of ICONICS software, install the appropriate patch files listed in our Security Vulnerabilities Whitepapers below.

WHITEPAPER ON SECURITY VULNERABILITIES

A whitepaper is available for download that contains an overview, details and mitigation plan regarding previously identified ICS-CERT vulnerabilities for ICONICS GENESIS64 and GENESIS32 Supervisory Control and Data Acquisition (SCADA) products.

Download the GENESIS64 Security Vulnerabilities Whitepaper here for more information on GENESIS64.
Download the GENESIS32 Security Vulnerabilities Whitepaper here for more information on GENESIS32.

SECURITY PATCHES

Please consult our Security Vulnerabilities Whitepapers above to learn how to mitigate vulnerabilities for your specific version. Access to download patches is available by logging into the ICONICS Customer Connection Portal or ICONICS Community Portal using a SupportWorX plan number.

ICS CERT

ICONICS works closely with the ICS CERT program operated by the CISA division of the United States Department of Homeland Security https://us-cert.cisa.gov/.

As a result of this cooperation, identified security vulnerabilities are posted on the CERT website with documentation on the vulnerability as well as the means of mitigation. ICONICS makes security patches available to users as necessary in order to mitigate any identified vulnerabilities.

Looking for MC Works patches instead?

Find the latest security patches for MC Works software products.

Want to be notified of Security Updates?

Receive the latest news about Security Updates and find out when they are released.