Sunday, June 14, 2026

Review - Public ICS Disclosures – Week of 6-6-26 – Part 2

For Part 2 we have 29 bulk vendor disclosures from Palo Alto Networks (11), Siemens (6), and Splunk (12). We also have 11 additional vendor disclosures from MBS, Mettler Toledo, Moxa, Omicron Energy, Schneider (3), Supermicro, and TP-Link (3). Watch for Part 3 tomorrow. 

Bulk Vendor Disclosures  

Palo Alto Networks (11) 

Siemens (6) 

Splunk (12) 

Advisories  

MBS Advisory - CERT-VDE published an advisory that describes 10 vulnerabilities in the MBS Universal Gateway (UGW-A-Series and UGW-X-Series) devices. 

Mettler Advisory - CERT-VDE published an advisory that discusses 21 vulnerabilities in the Mettler LabX Standard. 

Moxa Advisory - Moxa published an advisory that describes two vulnerabilities in their Industrial Computers. 

Omicron Advisory - Omicron published an advisory that discusses six vulnerabilities (three with publicly available exploits) in multiple Omicron products. 

Schneider Advisory #1 - Schneider published an advisory that describes an improper restriction of XML External Entity (XXE) reference vulnerability in their EcoStruxure IT Data Center Expert. 

Schneider Advisory #2 - Schneider published an advisory that describes two vulnerabilities in their EasyLogic T150 RTU and Saitel DP Remote Terminal Unit & Controller products. 

Schneider Advisory #3 - Schneider published an advisory that describes three vulnerabilities in their PowerLogic P7 product. 

Supermicro Advisory - Supermicro published an advisory that discusses an improper access control for register interface vulnerability in their H13 and H14 server motherboards. 

TP-Link Advisory #1 - TP-Link published an advisory that describes a use of externally-controlled format string vulnerability in their Tapo C110 WiFi camera. 

TP-Link Advisory #2 - TP-Link published an advisory that describes an OS command injection vulnerability in their Archer Routers. 

TP-Link Advisory #3 - TP-Link published an advisory that describes an OS command injection vulnerability in their Archer Routers. 


For more information on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-6-c2a - subscription required. 

Saturday, June 13, 2026

Review – Bills Introduced – 6-12-26

Yesterday, with neither the House nor Senate in session, there was one bill introduced. That bill will be covered in this blog: 

HR 9310 Making appropriations for the Department of Homeland Security for the fiscal year ending September 30, 2027, and for other purposes. Rep. Amodei, Mark E. [R-NV-2]    


For more information on these bills, including legislative history for similar bills in the 118th Congress, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-6-12-26 - subscription required. 

OMB Approves NHTSA FMVSS 135 ADS NPRM

This rulemaking was not listed in the Spring 2025 Unified Agenda. This is part of NHTSA’s ongoing effort to update existing FMVSS to include (where applicable) automated driving systems equipped vehicles; see here for example.  

For this rulemaking, I would expect NHTSA to address, for instance, § 571.135 S5.3.1, which states that: “The service brakes shall be activated by means of a foot control.” An ADS-equipped vehicle may not have a foot brake control, requiring a change in that language. Because of the increased importance of electronic controls in an ADS-equipped vehicle, I would like to see (but do not really expect to see) some mention of cybersecurity controls in the revised standard. 

Lacking cybersecurity provisions, I would not expect to cover this rulemaking in any detail. I will at least mention the NPRM’s publication in the appropriate Short Takes post. 

FCC Sends Space Operations NPRM to OMB

On Thursday, the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had received a notice of proposed rulemaking (NPRM) from the FCC on “Operation of Part 15 Devices in Space (ET Docket 25-XXX)”. 

This rulemaking was not listed in the Spring 2025 Unified Agenda, and the ‘XXX’ docket number would seem to indicate that there is not a current FCC docket number either. ‘Part 15’ refers to the radio frequency devices covered under 47 CFR Part 15, devices that “may be operated without an individual license.” {§ 15.1(a)} I would suspect that the NPRM addresses any additional requirements for such devices in space operations. 

I do not expect to cover this rulemaking in any detail, but under my limited Space Geek coverage, I would expect to announce its publication in the appropriate Short Takes post. 

Review – Public ICS Disclosures – 6-6-26 – Part 1

This has been a relatively busy disclosure week. For Part 1 we have 14 vendor disclosures from B&R (2), FortiGuard (2), Hitachi (2), HP (3), HPE (4), and Mitsubishi. 

Advisories  

B&R Advisory #1 - B&R published an advisory that discusses five vulnerabilities (four with publicly available exploits) in multiple Linux based B&R products. 

B&R Advisory #2 - B&R published an advisory that discusses a race condition within a thread vulnerability in multiple B&R products. 

FortiGuard Advisory #1 - FortiGuard published an advisory that describes an internal asset exposed to unsafe debug access level or state vulnerability in their FortiOS and FortiProxy products. 

FortiGuard Advisory #2 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiSandbox product. 

Hitachi Advisory #1 - Hitachi published an advisory that describes an iSCSI port vulnerability in multiple Hitachi products. 

Hitachi Advisory #2 - Hitachi published an advisory that discusses an improper neutralization of escape, meta or control sequences vulnerability in their Cosminexus HTTP Server and Hitachi Web Server. 

HP Advisory #1 - HP published an advisory that discusses nine vulnerabilities in multiple HP product lines. 

HP Advisory #2 - HP published an advisory that discusses an improper isolation of shared resources on system-on-a-chip vulnerability in multiple HP product lines. 

HP Advisory #3 - HP published an advisory that discusses an improper handling of insufficient entropy in TRNG vulnerability in multiple HP product lines. 

HPE Advisory #1 - HPE published an advisory that discusses an improper access control for register interface vulnerability in their ProLiant AMD Servers. 

HPE Advisory #2 - HPE published an advisory that discusses a race condition vulnerability in their RL300 Server. 

HPE Advisory #3 - HPE published an advisory that discusses the FunkyChunks vulnerability. HPE provides a list of affected products. 

HPE Advisory #4 - HPE published an advisory that discusses a heap-based buffer overflow vulnerability in their Aruba Networking Products. 

Mitsubishi Advisory - Mitsubishi published an advisory that describes a use of hard-coded credentials vulnerability in multiple home appliance products. 


For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-6-6-26-part - subscription required. 
