This was a relatively light week for ICS disclosures, but because of the continuing response to the Log4Shell vulnerabilities, this will be a two-part report.
This week we have ten vendor disclosures from Draeger, Hitachi, Kunbus, Moxa (2), QNAP (2), Texas Instruments, VMware, and Yokogawa. There was an update for an advisory for products from IDEC. There are also nine researcher reports for products from Siemens (8) and VMware. Finally, we have one exploit published for products from Siemens.
Draeger Advisory - Draeger published an
advisory discussing the use of the out-of-support TLS 1.0 and
TLS 1.1.
Hitachi Advisory - Hitachi published an
advisory discussing 27 vulnerabilities in their Disc Array Systems.
Kunbus Advisory - Kunbus published an
advisory describing two vulnerabilities in their Revolution Pi base
modules.
Moxa Advisory #1 - Moxa published an
advisory discussing the DNSpooq vulnerabilities
in their AWK-3131A/4131A/1137C/1131A Series of products.
Moxa Advisory #2 - Moxa published an
advisory describing a memory leak vulnerability in their EDR-G903,
EDR-G902, and EDR-810 Series Secure Routers.
QNAP Advisory #1 - QNAP published an advisory
describing a code execution vulnerability in their NAS products running
QVPN Service.
QNAP Advisory #2 - QNAP published an advisory
describing a cross-site scripting vulnerability in their TFTP Server.
TI Advisory - TI published an advisory discussing the BrakTooth vulnerabilities
in their dual-mode Bluetooth products.
VMware Advisory - VMware published an
advisory describing a heap overflow vulnerability in their Workstation,
Fusion and ESXi products.
Yokogawa Advisory - Yokogawa published an
advisory describing seven vulnerabilities in their CENTUM and Exaopc
products.
IDEC Update - JPCERT published an update
for their IDEC PLC advisory that was originally
published on December 24th, 2021.
Siemens Reports - The Zero Day Initiative published eight
reports about vulnerabilities in the Siemens JT2Go products.
VMware Report - USD HeroLab published a report
describing a hidden functionality vulnerability in the VMware Workspace ONE
Intelligent Hub.
Siemens Exploit - RoseSecurity published an exploit for a denial of service vulnerability in the Siemens S7 Layer 2 product.
For more details about these disclosures, including links to
third-party advisories, see my article at CFSN Detailed analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1
- subscription required.