Saturday, September 18, 2021

Review - Public ICS Disclosures – Week of 9-11-21 – Part 1

This week we have nine vendor disclosures from BD, HPE, Johnson and Johnson, Milestone, Moxa (2), and Ovarro (3). We have two updates from Mitsubishi. We also have four vendor reports from Tenable about vulnerabilities in GPS systems. Finally, we have an exploit for Geutebruck cameras.

BD Advisory - BD published an advisory discussing the BadAlloc vulnerabilities.

HPE Advisory - HPE published an advisory describing six vulnerabilities in their SAN Switches with Brocade Fabric OS.

Johnson and Johnson Advisory - Johnson and Johnson published an advisory discussing the PrintNightmare vulnerability.

Milestone Advisory - Milestone published an advisory describing an unsecured credential storage vulnerability in their XProtect® VMS product.

Moxa Advisory #1 - Moxa published an advisory describing nine vulnerabilities in their MXview Series Network Management Software.

Moxa Advisory #2 - Moxa published an advisory describing two uncontrolled resource vulnerabilities in their MGate MB3180/MB3280/MB3480 Series Protocol Gateways.

Ovarro Advisory #1 - Ovarro published an advisory describing a classic buffer overflow vulnerability in their MS-CPU32-S2 and LT2 products.

Ovarro Advisory #2 - Ovarro published an advisory describing a path traversal (?) vulnerability in their TWinSoft product.

Ovarro Advisory #3 - Ovarro published an advisory describing a weak encryption vulnerability in their TWinSoft product.

Mitsubishi Update #1 - Mitsubishi published an update for their WEB Functions of Air Conditioning Systems advisory that was originally published on July 1st, 2021.

Mitsubishi Update #2 - Mitsubishi published an update for their Denial-of-Service Vulnerability in Multiple Air Conditioning Systems advisory that was originally published on July 1st, 2021.

GPS Report #1 - Tenable published a report on five vulnerabilities in the LandAirSea Silver Cloud web site.

GPS Report #2 - Tenable published a report describing five vulnerabilities in the Spytec GPS platform web site.

GPS Report #3 - Tenable published a report describing 12 vulnerabilities in the Optimus GPS platform web site.

GPS Report #4 - Tenable published a report describing three vulnerabilities in the Tracki/Trackimo GPS platform web site.

Geutebruck Exploit - Titouan Lazard and Ibrahim Ayadhi have published a Metasploit module for a buffer overflow vulnerability in the Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices.

For more details on these advisories and reports, including links to third-party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-7ed - subscription required.
