Happy New Year.
As should be expected for the week between Christmas and New Year’s, the public ICS disclosures for this week were relatively light. There will be a two-part post today, however, due to the ongoing reporting on Log4Shell.
In Part 1 this week we have seven vendor disclosures from Moxa (6) and QNAP. There is also a researcher report on products from Schneider Electric.
Moxa Advisory #1 - Moxa published an
advisory describing two vulnerabilities in their TN-5900 Series Secure
Routers.
Moxa Advisory #2 - Moxa published an
advisory describing a memory leak vulnerability in their TN-5900 Series
Secure Routers.
Moxa Advisory #3 - Moxa published an
advisory describing a memory leak vulnerability in their MGate 5109 and
MGate 5101-PBM-MN Series Protocol Gateways.
Moxa Advisory #4 - Moxa published an
advisory describing eight vulnerabilities in their TAP-213/TAP-323 Series
Wireless AP/Bridge/Client.
Moxa Advisory #5 - Moxa published an
advisory describing seven vulnerabilities in their OnCell G3150A/G3470A
Series and WDR-3124A Series Cellular Gateways/Router.
Moxa Advisory #6 - Moxa published an
advisory describing eight vulnerabilities in their AWK-3131A/4131A/1131A/1137C
Series Wireless AP/Bridge/Client.
QNAP Advisory - QNAP published an advisory
describing an exposure of sensitive information vulnerability in their QTS,
QuTS hero, and QuTScloud products.
Schneider Report - Nozomi Networks published a report on a cross-site scripting vulnerability in the Schneider Rack Power Distribution Unit (PDU).
For more details about these advisories and the report, see
my article at CFSN Detailed Analysis – https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-12-97e
- subscription required.
Posts
No comments:
Post a Comment