Saturday, February 19, 2022

Review - Public ICS Disclosures – Week of 2-12-22 – Part 1

It is beginning to look like multipart reports are going to be the standard for this weekly update. This week in Part 1 we have 14 vendor disclosures from Aveva, Axis, Broadcom (2), WECON, HPE (6), Kunbus, Mitsubishi, and Moxa.

Aveva Advisory - Aveva published an advisory describing a cleartext credential storage vulnerability in their System Platform 2020.

Axis Advisory - Axis published an advisory describing a DLL hijacking vulnerability in their IP Utility.

Broadcom Advisory #1 - Broadcom published an advisory describing a use of hard-coded credentials vulnerability.

Broadcom Advisory #2 - Broadcom published an advisory describing an authenticated privilege file read vulnerability in their Fabric OS.

WECON Advisory - INCIBE-CERT published an advisory describing two vulnerabilities in the WECON LeviStudioU.

HPE Advisory #1 - HPE published an advisory describing a host header injection vulnerability in their Integrated Lights-Out 4.

HPE Advisory #2 - HPE published an advisory describing a buffer overflow vulnerability in their iLO Amplifier Pack.

HPE Advisory #3 - HPE published an advisory describing an information disclosure vulnerability in their Fibre Channel and SAN Switches.

HPE Advisory #4 - HPE published an advisory describing an authentication bypass vulnerability in their Fibre Channel and SAN Switches.

HPE Advisory #5 - HPE published an advisory discussing the Log4Shell vulnerabilities in their Universal IoT.

HPE Advisory #6 - HPE published an advisory describing a buffer overflow vulnerability in their Gen10 and Gen10 Plus Synergy Servers.

Kunbus Advisory - Kunbus published an advisory describing two vulnerabilities in their Revolution PI base modules.

Mitsubishi Advisory - Mitsubishi published an advisory describing nine vulnerabilities in their Energy Saving Data Collecting Server (EcoWebServerIII).

Moxa Advisory - Moxa published an advisory describing a channel accessible by non-endpoint vulnerability in their MGate MB3170/MB3270/MB3280/MB3480 Series Protocol Gateways.

 

For more details on these disclosures, including links to third-party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-346 - subscription required.

 
