Saturday, February 5, 2022

Review - Public ICS Disclosures – Week of 1-29-22 – Part 1

This has been a very busy week for control system vulnerabilities, and it is going to require a two-part post to address all of the information. This week we have 14 vendor disclosures from ABB (3), Aruba (3), Sante, Sealevel, WAGO, Emerson, FANUC, Honeywell (2), Philips, and Rockwell.

ABB Advisory #1 - ABB published an advisory describing three vulnerabilities in their SPIET800 INFI-Net to Ethernet Transfer and PNI800 S+ Ethernet communication interface modules.

ABB Advisory #2 - ABB published an advisory describing an improper input validation vulnerability in their System 800xA, Symphony® Plus IEC 61850 communication stack.

ABB Advisory #3 - ABB published an advisory describing a remote code execution vulnerability in their OPC Server for AC 800M products.

Aruba Advisory #1 - Aruba published an advisory discussing 15 vulnerabilities in their ArubaOS-CX 8000 Series Switches.

Aruba Advisory #2 - Aruba published an advisory discussing 15 vulnerabilities in their 9000 Series Gateways.

Aruba Advisory #3 - Aruba published an advisory discussing the PwnKit vulnerability in multiple product lines.

Sante Advisory - INCIBE-CERT published an advisory describing seven vulnerabilities in the Sante DICOM Viewer Pro.

Sealevel Advisory - INCIBE-CERT published an advisory describing twelve vulnerabilities in the Sealevel SeaConnect 370W Wi-Fi edge device.

WAGO Advisory - CERT-VDE published an advisory discussing a link following vulnerability in the WAGO e!COCKPIT and WAGO-I/O-Pro.

Emerson Advisory - Emerson published an advisory describing a credential disclosure vulnerability in multiple products. The vulnerability was reported by Dragos.

FANUC Advisory - FANUC published a notice reporting that none of their products are affected by the Log4Shell vulnerability.

Honeywell Advisory #1 - Honeywell published an advisory describing a command injection vulnerability in their IP PTZ Camera HDZP252DI.

Honeywell Advisory #2 - Honeywell published an advisory describing a video replay vulnerability in their IP Camera HBW2PER1.

Philips Advisory - Philips published an advisory discussing the PwnKit vulnerability.

Rockwell Advisory - Rockwell published a notice discussing a problem with the latest Microsoft® DCOM Hardening patch.

 

For more details about these advisories, including links to researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-cfc - subscription required. 
