Let's be fair now, do you even know what ICS-CERT is and what they really do?
What should you do if you installed a product that was listed with an ICS-CERT Alert or Advisory? Do you share it with the customers ISO and recommend the ICS-CERT Mitigation path? Here is a example only, not calling out any specific supplier what so ever. Geutebruck IP Cameras Vulnerability