Common Cybersecurity Vulnerabilities

This report is an update of a previous report first published in 2009. The previous document compiled common vulnerabilities identified during cybersecurity assessments of new ICS products and production ICS installations. This report adds the information gained from subsequent ICS cybersecurity assessments with new content from ICS-CERT products, field-knowledge gained by ICS-CERT incident response, and onsite assessments assisting ICS owners in using the CSET self-assessment tool.