In Part 2 we have 14 additional vendor disclosures from HPE (3), Meinberg, Milestone, Mitsubishi, Philips (2), SonicWall, VMware (3), and Xylem. We also have eight vendor updates from Bosch, Carrier, HP (4), Palo Alto Networks, and QNAP. Finally, we have an exploit for products from Barco.
HPE Advisory #1 - HPE published an advisory describing two vulnerabilities in the Aruba Instant On 1930 switch.
HPE Advisory #2 - HPE published an advisory discussing the SpringShell vulnerabilities in Aruba products.
HPE Advisory #3 - HPE published an advisory describing an escalation of privilege vulnerability in their Superdome Flex Server.
Meinberg Advisory - Meinberg published an advisory discussing ten vulnerabilities in their LANTIME-Firmware.
Milestone Advisory - Milestone published an advisory discussing the SpringShell vulnerabilities.
Mitsubishi Advisory - Mitsubishi published an advisory discussing an out-of-bounds write vulnerability in their MELSEC C Controller Module.
Philips Advisory #1 - Philips published an advisory discussing a code injection vulnerability in the VMware Spring Cloud Function.
Philips Advisory #2 - Philips published an advisory discussing the SpringShell vulnerabilities.
SonicWall Advisory - SonicWall published an advisory describing an inadequate access control vulnerability in their Capture Security Center - Cloud Security Management Service.
VMware Advisory #1 - VMware published an advisory describing eight vulnerabilities in their Workspace ONE Access, Identity Manager and vRealize Automation products.
VMware Advisory #2 - VMware published an advisory describing two privilege escalation vulnerabilities in their Horizon Client for Linux.
VMware Advisory #3 - VMware published an advisory discussing a remote code execution vulnerability in multiple products.
Xylem Advisory - Xylem published an advisory discussing the SpringShell vulnerabilities.
Bosch Update - Bosch published an update for their Recovery Image advisory that was originally published on March 30th, 2022.
Carrier Update - Carrier published an update for their LAPSUS$ attack on Okta advisory that was originally published on March 30th, 2022.
HP Update #1 - HP published an update for their PC BIOS advisory that was originally published on March 8th, 2022 and most recently updated on March 25th, 2022.
HP Update #2 - HP published an update for their PC BIOS advisory that was originally published on February 28th, 2022 and most recently updated on March 25th, 2022.
HP Update #3 - HP published an update for their IPU BIOS advisory that was originally published on November 9th, 2021 and most recently updated on February 3rd, 2022.
HP Update #4 - HP published an update for their MEBx firmware advisory that was originally published on February 8th, 2022.
Palo Alto Networks Update - Palo Alto Networks updated their OpenSSL advisory that was originally published on March 31st, 2022.
QNAP Update - QNAP published an update for their DirtyPipe advisory that was originally published on March 14th, 2022.
Barco Exploit - Murat Aydemir of the Accenture Cyber Security Team published an exploit for a directory traversal vulnerability in the Barco Control Room Management Suite.
For more information on these disclosures, including links to 3rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4 - subscription required.