Saturday, February 12, 2022

Review - Public ICS Disclosures – Week of 2-5-22 – Part 2

For Part 2 we have 14 vendor disclosures from strongSwan, Wireshark (5), Yokogawa, Siemens (2), and Schneider (6). There are six vendor updates from GE Gas Power, Siemens Healthineers, and Schneider (4). Finally, we have an exploit for products from Siemens.

NOTE: Part 3 will address the remaining 30+ updates published by Siemens on Tuesday.

strongSwan Advisory - strongSwan published a blog post describing an improper authentication vulnerability in their EAP client implementation.

NOTE: This blog post contains an interesting discussion about the EAP authentication process in VPNs.

Wireshark Advisory #1 - Wireshark published an advisory describing a CMS dissector crash vulnerability.

Wireshark Advisory #2 - Wireshark published an advisory describing a CSN.1 dissector vulnerability.

Wireshark Advisory #3 - Wireshark published an advisory describing a PVFS dissector crash vulnerability.

Wireshark Advisory #4 - Wireshark published an advisory describing ten large loop vulnerabilities in multiple dissectors.

Wireshark Advisory #5 - Wireshark published an advisory describing an RTMPT dissector infinite loop vulnerability.

Yokogawa Advisory - Yokogawa published an advisory discussing the Log4Shell vulnerabilities in their CENTUM VP Unified Gateway Station.

Siemens Advisory #1 - Siemens published an advisory describing an out-of-bounds read vulnerability in their Industrial Products.

Siemens Advisory #2 - Siemens published an advisory discussing two vulnerabilities in their SIMATIC NET CP, SINEMA and SCALANCE Products.

Schneider Advisory #1 - Schneider published an advisory describing eight vulnerabilities in their Interactive Graphical SCADA System (IGSS).

Schneider Advisory #2 - Schneider published an advisory describing two vulnerabilities in their EcoStruxure EV Charging Expert.

Schneider Advisory #3 - Schneider published an advisory describing a use of hard-coded credentials vulnerability in their Easergy P40 protection relay. Schneider also reports that the product uses an older version of OpenSSL with known vulnerabilities.

Schneider Advisory #4 - Schneider published an advisory describing four vulnerabilities in their spaceLYnk, Wiser For KNX, and fellerLYnk products.

Schneider Advisory #5 - Schneider published an advisory describing four vulnerabilities in their EcoStruxure Geo SCADA Expert (ClearSCADA).

Schneider Advisory #6 - Schneider published an advisory describing an incorrect default permissions vulnerability in their Harmony/Magelis iPC Series HMI, Vijeo Designer and Vijeo Designer Basic products.

GE Gas Power Update - GE Gas Power published an update for their ToolBoxST advisory that was originally published on January 25th, 2022.

Siemens Healthineers Update - Siemens Healthineers published an update for their Log4Shell advisory.

Schneider Update #1 - Schneider published an update for their CODESYS V3 Runtime advisory that was originally published on January 11th, 2022.

Schneider Update #2 - Schneider published an update for their BadAlloc advisory that was originally published on November 9th, 2021 and most recently updated on January 13th, 2022.

Schneider Update #3 - Schneider published an update for their INFRA:HALT advisory that was originally published on August 5th, 2021.

Schneider Update #4 - Schneider published an update for their Harmony (Magelis) HMI panels advisory that was originally published on August 13th, 2019.

Siemens Exploit - A. Ovsyannikova published an exploit for an open redirect vulnerability in the Siemens SINEMA Remote Connect Server.

 

For more details about these disclosures, including links to 3rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-ad9 - subscription required.
