For Part 2 we have four more vendor disclosures from QNAP, TI, VMware, and Fujitsu. We also have five updates from Boston Scientific, Dell, Hillrom, Johnson Controls, and QNAP. There are also 98 researcher reports for vulnerabilities in products from Gerbv (2) and Bentley (96). Finally, we have three exploit reports for products from Moxa (2) and WAGO.
QNAP Advisory - QNAP published an advisory discussing the Deadbolt Ransomware attacks.
TI Advisory - TI published an advisory discussing physical security attacks on ‘silicon devices.’
VMware Advisory - VMware published an advisory describing an information disclosure vulnerability in their VMware Cloud Foundation.
Fujitsu Advisory - Fujitsu published an advisory discussing 15 vulnerabilities in Insyde® Firmware.
Boston Scientific Update - Boston Scientific published an update for their Log4Shell advisory.
Dell Update - Dell published an update for their generic Log4Shell advisory.
Hillrom Update - Hillrom published an update for their Log4Shell advisory.
Johnson Controls Update - Johnson Controls published an update for their Log4Shell advisory.
QNAP Update - QNAP published an update for their QTS and QuTS hero advisory that was originally published on January 13th, 2021 and most recently updated on January 25th, 2022.
Gerbv Reports - Talos published two reports of vulnerabilities in the Gerbv RS-274X viewer.
Bentley Reports - The Zero Day Initiative published 96 reports (ZDI-22-149 through ZDI-22-243) about vulnerabilities in the Bentley MicroStation and MicroStation-based applications.
Moxa Exploit #1 - Matthew Bergin published an exploit for a firmware upgrade vulnerability in the Moxa TN-5900.
Moxa Exploit #2 - Matthew Bergin published an exploit for a command injection vulnerability in the Moxa TN-5900.
WAGO Exploit - Gerhard Hechenberger published an exploit for an improper handling of exceptional conditions vulnerability in the WAGO 750-8xxx PLC.
NOTE: This was reported as a third-party (CODESYS) vulnerability, so this exploit may work (with or without modification?) on other vendor products.
For more details on these disclosures, including links to 3rd party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-d73 - subscription required.