This week we have nine vendor disclosures from Aruba Networks, Braun, DrayTek, Omron, Hitachi, SonicWall, and VMware (3). We also have an update from Yokogawa. Finally, there are four researcher reports for products from Fuji Electric.
Aruba Advisory - Aruba published an
advisory describing 18 vulnerabilities in their ClearPass Policy Manager
product.
Braun Advisory - Braun published an
advisory discussing the Ripple20 vulnerabilities.
DrayTek Advisory - DrayTek published an
advisory describing two vulnerabilities in their VigorConnect software.
Omron Advisory - JPCERT published an advisory describing
an out-of-bounds read vulnerability in the Omron CX-Supervisor.
Hitachi Advisory - Hitachi published an
advisory discussing 30 vulnerabilities in their Disk Array Systems.
SonicWall Advisory - SonicWall published an
advisory describing a host header redirection vulnerability in their
SonicOS product.
VMware Advisory #1 - VMware published an
advisory describing a server side request forgery in their vRealize
Operations products.
VMware Advisory #2 - VMware published an
advisory describing a CSV injection vulnerability in their vRealize Log
Insight product.
VMware Advisory #3 - VMware published an advisory
describing an open redirect vulnerability in their vRealize Orchestrator
product.
Yokogawa Update - Yokogawa published an
update for their Ripple20 advisory
that was originally
published on May 31st, 2021.
Fuji Reports - The Zero Day Initiative published four reports of 0-day vulnerabilities in the Alpha5 Servo Operator product from Fuji Electric.
For more details on this disclosures, including links to 3rd
party advisories, researcher reports, and exploits, see my article at CFSN
Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-61d
- subscription required.
Posts
No comments:
Post a Comment