Saturday, June 4, 2022

Review – Public ICS Disclosure – Week of 5-28-22

This week we have ten vendor disclosures from CODESYS (3), Dell, Endress+Hauser, Mitsubishi, Moxa, Software Toolbox (2), and T&D. We also have nine vendor updates from Aruba Networks, CODESYS, Fujitsu, HP, HPE (4), and Palo Alto Networks. There are also two researcher reports for products from Korenix, and Schneider Electric. Finally, we have three exploits published for products from SolarView, and Ingredient Stock Management System (2).

CODESYS Advisory #1 - CODESYS published an advisory that describes two uncontrolled resource consumption vulnerabilities in their CODESYS V3 products containing a CODESYS communication server.

CODESYS Advisory #2 - CODESYS published an advisory that describes a plain-text storage of password vulnerability in their OPC DA Server.

CODEESYS Advisory #3 - CODESYS published an advisory that describes an observable response discrepancy in their Visualization products.

Dell Advisory - Dell published an advisory that describes three vulnerabilities in their Wyse Management Suite (one is a third-party (JQuery) vulnerability.

Endress+Hauser Advisory - CERT VDE published an advisory that discusses eight vulnerabilities in multiple products from Endress +HYauser.

Moxa Advisory - Moxa published an advisory that discusses the DirtyPipe vulnerability.

Software Toolbox Advisory #1 - Software Toolbox published an advisory that discusses a security feature bypass vulnerability in their OPC Quick Client.

Software Toolbox Advisory #2 - Software Toolbox published an advisory that discusses a security feature bypass vulnerability for customers using OPC Classic.

T&D Advisory - T&D published an advisory that describes a directory traversal vulnerability in the T&D Data Server and THERMO RECORDER DATA SERVER.

Aruba Update #1 - Aruba published an update for their Expat XML advisory that was originally published on May 17th, 2022.

Aruba Update #2 - Aruba published an update for their OpenSSL advisory that was originally published on May 4th, 2022.

Fujitsu Update - JP CERT published an update for their FUJITSU Network IPCOM advisory that was originally published on  May 19th, 2022.

CODESYS Update - CODESYS published an update for their Development System V3 advisory that was originally published on July 15th, 2021 and most recently updated on August 2nd, 2021.

HP Update - HP published an update for their HP Print Products advisory that was originally published on March 21st, 2022, and most recently updated on May 3rd, 2022.

HPE Update #1 - HPE published an update for their Intel Bios advisory that was originally published on May 10th, 2022.

HPE Update #2 - HPE published an update for their ProLiant DX Servers advisory that was originally published on May 10th, 2022.

HPE Update #3 - HPE published an update for their Synergy Servers advisory that was originally published on May 10th, 2022.

HPE Update #4 - HPE published an update for their ProLiant BL/DL/ML/XL/MicroServer that was originally published on May 10th, 2022.

Palo Alto Networks Update - Palo Alto Networks published an update for their OpenSSL advisory that was originally published on March 31st, 2022 and most recently updated on May 12th, 2022.

Korenix Report - SEC Consult published a report describing a backdoor account in the Korenix JetPort serial converter.

Schneider Report - Zero Science published a report describing a remote root exploit vulnerability (with exploit available) in the Schneider C-Bus Automation Controller.

SolarView Exploit - Ahmed Alroky published an exploit for directory traversal vulnerability in the SolarView Compact.

Ingredient Stock Management System Exploit #1 - Saud Alenazi published an exploit for an SQL injection vulnerability in the Ingredient Stock Management System.

Ingredient Stock Management System Exploit #2 - Saud Alenazi published an exploit for an account takeover vulnerability in the Ingredient Stock Management System.

 

For more details about these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosure-week-of-5-28 - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */