For Part 2 this week, we have four vendor updates from HP, Mitsubishi (2), and VMware. We also have researcher reports for vulnerabilities for products from Intel (3), VMware, and Boeing.
HP Update - HP published an update for their PC BIOS
advisory that was originally published on February 28th, 2022 and most
recently updated on April 8th, 2022.
Mitsubishi Update #1 - Mitsubishi published an
update for their Factory Automation advisory that was originally
published on July 30th, 2020 and most
recently updated on December 17th, 2020.
Mitsubishi Update #2 - Mitsubishi published an
update for their TCP Protocol Stack advisory that was originally
published on September 1st, 2020 and most
recently updated on August 24th, 2021.
VMware Update - VMware published an update
for their Workspace One Access advisory that was originally published on March
18th, 2022.
Intel Reports - BINARLY published three reports
(including proof of concept code) of vulnerabilities in the SMM Driver On Intel
Platforms.
VMware Report - Pentera Labs published a
report of an incorrect default permission vulnerability (including
proof-of-concept code) in the VMware vCenter Server.
Boeing Report - Okay, this one is a bit odd, but Pen
Test Partners published a blog post
about their recent physical investigation of a recently decommissioned (with
all equipment intact) Boeing 747.
For more details on these disclosures, including links to
third-party advisories and exploits, see my article at CFSN Detailed Analysis -
https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-3a1
- subscription required.
Posts
No comments:
Post a Comment