This advisory contains mitigations for Improper Access Control, Relative Path Traversal, and Cross-site Scripting vulnerabilities in the Elcomplus SmartICS web-based HMI. 

https://us-cert.cisa.gov/ics/advisories/icsa-22-174-05