This week we have sixteen vendor disclosures from ABB, Aruba Networks, Baxter, WAGO (3), Hitachi ABB Power Grids, Hewlett Packard Enterprise, Mitsubishi (2), Moxa (2), OPC Foundation, Philips, and QNAP (2). We also have three vendor updates from CODESYS. There are also 20 researcher reports for products from Fuji Electric. Finally, we have an exploit for products from Geutebruck.
ABB Advisory - ABB published an advisory describing a remote code execution vulnerability in their Base Software for SoftControl product.
Aruba Advisory - Aruba published an advisory describing 15 vulnerabilities in their ArubaOS product.
Baxter Advisory - Baxter published an advisory discussing the PrintNightmare vulnerability.
WAGO Advisory #1 - CERT VDE published an advisory describing an improper authentication and access control vulnerability in the WAGO 750-36X and WAGO 750-8XX products.
WAGO Advisory #2 - CERT VDE published an advisory discussing two out-of-bounds read vulnerabilities in the e!COCKPIT and WAGO-I/O-Pro products.
WAGO Advisory #3 - CERT VDE published an advisory describing a missing release of resources after effective lifetime vulnerability in WAGO PLCs.
Hitachi ABB Advisory - Hitachi ABB published an advisory describing a clear-text storage of sensitive information vulnerability in their System Data Manager – SDM600 products.
HPE Advisory - HPE published an advisory discussing two vulnerabilities in the SGI UV 300/3000 and HPE Integrity MC990 X Servers.
Mitsubishi Advisory #1 - Mitsubishi published an advisory discussing the FragAttacks WiFi vulnerabilities.
Mitsubishi Advisory #2 - Mitsubishi published an advisory discussing the BadAlloc vulnerabilities (Amazon FreeRTOS is the specific product involved here).
Moxa Advisory #1 - Moxa published an advisory describing 59 vulnerabilities in their TAP-323, WAC-1001, and WAC-2004 Series Wireless AP/Bridge/Client.
Moxa Advisory #2 - Moxa published an advisory describing 59 vulnerabilities in their OnCell G3470A-LTE and WDR-3124A Series Cellular Gateways/Router.
OPC Foundation - OPC Foundation published an advisory describing an access of memory location after end-of-buffer vulnerability in their Local Discovery Server.
Philips Advisory - Philips published an advisory discussing the HiveNightmare vulnerability.
QNAP Advisory #1 - QNAP published an advisory describing two vulnerabilities in their QNAP NAS running HBS 3.
QNAP Advisory #2 - QNAP published an advisory describing an out-of-bounds read vulnerability in their QNAP NAS running QTS, QuTS hero, and QuTScloud.
CODESYS Update #1 - CODESYS published an update for their V3 web server advisory that was originally published on May 19th, 2021 and most recently updated on July 22nd, 2021.
CODESYS Update #2 - CODESYS published an update for their V3 web server advisory that was originally published on July 15th, 2021.
CODESYS Update #3 - CODESYS published an update for their Gateway V3 advisory that was originally published on July 15th, 2021.
Fuji Electric Reports - The Zero Day Initiative published 20 reports describing 0-day vulnerabilities in the Fuji Tellus Lite V-Simulator.
Geutebruck Exploit - Titouan Lazard, Sebastien Charbonnier, and Ibrahim Ayadhi published a Metasploit module for eight previously reported vulnerabilities in the Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices.
For more details on the advisories and reports, including links to third-party reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8 - subscription required.