Saturday, September 11, 2021

Review - Public ICS Disclosures – 9-10-21

This week we have twelve vendor disclosures from ABB, BD, Draeger, Honeywell, Johnson Controls, Mitsubishi, Philips, and QNAP (5). There are also three updates from ABB, Aruba, and Yokogawa. We also have thirteen researcher reports for products from ECOA. Finally, we have an exploit for products from Geutebruck.

ABB Advisory - ABB published an advisory describing six vulnerabilities in their EIBPORT product.

BD Advisory - BD published an advisory describing four vulnerabilities in their BD Alaris and BD FocalPoint products.

Draeger Advisory - Draeger published an advisory discussing the FragAttacks WiFi vulnerabilities.

Honeywell Advisory - Honeywell published a notice announcing the availability of new versions of their VMS and NVR Software that contain fixes for unspecified security vulnerabilities.

Johnson Controls Advisory - Johnson Controls published an advisory describing an authorization bypass through user controlled key vulnerability in their Kantech KT-1 door controller.

Mitsubishi Advisory - Mitsubishi published an advisory describing two vulnerabilities in the TCP/IP Protocol Stack of GOT and Tension Controller.

Philips Advisory - Philips published an advisory discussing the PetitPotam exploit.

QNAP Advisory #1 - QNAP published an advisory describing an insufficient HTTP security headers vulnerability in their QTS, QuTS hero, and QuTScloud products.

QNAP Advisory #2 - QNAP published an advisory describing an insufficiently protected credentials vulnerability in their QSW-M2116P-2T2S and QuNetSwitch products.

QNAP Advisory #3 - QNAP published an advisory describing two stack-based buffer overflow vulnerabilities in their NVR Storage Expansion.

QNAP Advisory #4 - QNAP published an advisory describing a stack-based buffer overflow vulnerability in their QUSBCam2.

QNAP Advisory #5 - QNAP published an advisory describing a stack-based buffer overflow vulnerability in their QTS, QuTS hero, and QuTScloud products.

ABB Update - ABB published an update for their Base Software for SoftControl advisory that was originally published on June 23rd, 2021.

Aruba Update - Aruba published an update for their Aruba OS advisory that was originally published on August 31st, 2021.

Yokogawa Update - Yokogawa published an update for their VB6 Runtime advisory that was originally published on April 23rd, 2021.

ECOA Reports - Zero Science published thirteen reports about vulnerabilities in the ECOA Building Automation System.

Geutebruck Exploit - Titouan Lazard published a Metasploit module for seven vulnerabilities in the Geutebruck G-Cam E2 and G-Code cameras.

For more details about the various advisories, including links to third-party reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-9-10-21 - subscription required.
