Review - Public ICS Disclosure – Week of 1-8-22 – Part 1

This week, as we have come to expect for the Saturday after 2^nd Tuesday, we have a full slate of ICS disclosures, including more Log4Shell disclosures, that will take multiple posts to deal with. In Part 1 we have fourteen vendor disclosures from Belden, Blackberry, Dynalite, Hitachi Energy, HPE, Moxa, Palo Alto Networks (4), QNAP (3), and Yokogawa. There is also an update from HPE. There were also two researcher reports for products from IDEMIA and ODA. Finally, we have an exploit for products from SonicWall.

Part 2 of this post will address the Schneider advisories and updates that were published on Tuesday as well as the Siemens updates that were not addressed by NCCIC-ICS this week.

Belden Advisory - Belden published an advisory describing six vulnerabilities in their Tofino and Eagle products.

BlackBerry Advisory - BlackBerry published an advisory describing an elevation of privilege vulnerability in their QNX Neutrino Kernel.

Dynalite Advisory - Dynalite published an advisory discussing two vulnerabilities in their DDNG-BACnet gateway and in Niagara SOFTJACE products.

Hitachi Energy Advisory - Hitachi Energy published an advisory discussing four vulnerabilities in their e-mesh™ Energy Management System (EMS) Product.

HPE Advisory HPE published an advisory describing a remote access vulnerability in their Ezmeral Data Fabric.

Moxa Advisory - Moxa published an advisory describing four vulnerabilities in their VPort 06EC-2V Series and VPort 461A Series IP Cameras and Video Servers.

Palo Alto Advisory #1 - Palo Alto published an advisory describes an uncontrolled search path element vulnerability in their Cortex XDR Agent.

Palo Alto Advisory #2 - Palo Alto published an advisory describes an untrusted search path element vulnerability in their Cortex XDR Agent.

Palo Alto Advisory #3 - Palo Alto published an advisory describing a link following vulnerability in their Cortex XDR Agent.

Palo Alto Advisory #4 - Palo Alto published an advisory describing a file and directory information exposure vulnerability in their Cortex XDR Agent.

Phoenix Contact Advisory - Phoenix Contact published an advisory discussing the NUCLEUS:13 vulnerabilities in their BLUEMARK X1 / LED / CLED printers.

QNAP Advisory #1 - QNAP published an advisory describing a remote code execution vulnerability in their QTS and QuTS hero products.

QNAP Advisory #2 - QNAP published an advisory describing five separate classic buffer overflow vulnerabilities in their QVR Elite, QVR Pro, and QVR Guard products.

QNAP Advisory #3 - QNAP published an advisor describing two vulnerabilities in their QcalAgent.

Yokogawa Advisor - Yokogawa published an advisory discussing a link following vulnerability in the license function in Yokogawa products.

HPE Update - HPE published an update for their Integrated Lights-out 4 advisory that was originally published  on August 23^rd, 2017.

IDEMIA Report - Positive Technologies published a report of a TLS bypass vulnerability in biometric identification vulnerabilities in products from IDEMIA.

ODA Report - ZDI published a report describing a JPG File Parsing Memory Corruption in the Open Design Alliance (ODA) Drawings Explorer.

SonicWall Exploit - jbaines-r7 published Metasploit module for a command injection vulnerability in the SonicWall SMA 100 Series.

For more details on the above disclosures, including links to 3^rd party advisories and vulnerability exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosure-week-of-1-8 - subscription required.