Saturday, October 23, 2021

Review - Public ICS Disclosures – Week of 10-16-21

This week we have ten vendor disclosures from ABB, Weidmueller, HMS (2), HPE (2), Meinberg, PulseSecure, QNAP, and VMware. We also have two researcher reports of vulnerabilities in products from SonicWall and RDP Manager. There were three exploits published for products from SonicWall and Mitsubishi (2).

ABB Advisory - ABB published an advisory describing an integrity check bypass in their free@home System Access Point product.

Weidmueller Advisory - CERT-VDE published an advisory discussing the INFRA:HALT vulnerabilities in the Weidmueller Remote I/O fieldbus couplers.

HMS Advisory #1 - HMS published an advisory discussing the BrakTooth vulnerabilities in their Anybus wireless products.

HMS Advisory #2 - HMS published an advisory discussing the BadAlloc vulnerabilities in their Anybus wireless products.

HPE Advisory #1 - HPE published an advisory describing an information disclosure vulnerability in their 6120XG Blade Switch.

HPE Advisory #2 - HPE published an advisory describing a cross-site scripting vulnerability in their Superdome Flex Server.

Meinberg Advisory - Meinberg published an advisory discussing the GPSD Rollover Bug.

PulseSecure Advisory - PulseSecure published an advisory describing a malformed packet request vulnerability in their Pulse Connect Secure software.

QNAP Advisory - QNAP published an advisory describing a command injection vulnerability in their QNAP NAS running the Media Streaming add-on.

VMware Advisory - VMware published an advisory describing an information disclosure vulnerability in their vRealize Operations Tenant App for VMware Cloud Director.

SonicWall Report - Vulnerability Lab published a report of a cross-site scripting vulnerability in the SonicWeb SonicOS.

RDP Manager Report - Vulnerability Lab published a report of a denial-of-service vulnerability in the RDP Manager windows software client.

SonicWall Exploit - Jacob Baines published an exploit for an improper access control vulnerability in the SonicWall SMA100 product.

Mitsubishi Exploit #1 - Hamit Cibo published an exploit for a reflected cross-site scripting vulnerability in the Mitsubishi ME RTU.

Mitsubishi Exploit #2 - Hamit Cibo published an exploit for a source code disclosure vulnerability in the Mitsubishi ME RTU.

For more details about these advisories, reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-c22 - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */