Review – Public ICS Disclosure – Week of 6-18-22

This week we have 27 vendor disclosures from ABB, Aruba Networks, Bosch, Broadcom (9), CODESYS, Hikvision, HPE (2), Moxa, Phoenix Contact, QNAP, Tanzu and WatchGuard (7). We also have six vendor updates from CODESYS (2), HPE (3), and Schneider. Finally, we have two exploits for products from Siemens and SolarView.

ABB Advisory - ABB published an advisory that describes an insufficient file access control vulnerability in their Relion REX640 protection and control relays.

Aruba Advisory - Aruba published an advisory that discusses the TLStorm2.0 vulnerabilities.

Bosch Advisory - Bosch published an advisory that describes 95 vulnerabilities in their PRA-ES8P2S Ethernet-Switch.

Broadcom Advisory #1 - Broadcom published an advisory that discusses a Java compromise vulnerability in their SANnav  products.

Broadcom Advisory #2 - Broadcom published an advisory that describes an insecure password storage vulnerability in the SANnav products.

Broadcom Advisory #3 - Broadcom published an advisory that discusses a Java compromise vulnerability in their SANnav  products.

Broadcom Advisory #4 - Broadcom published an advisory that discusses a Java compromise vulnerability in their SANnav  products.

Broadcom Advisory #5 - Broadcom published an advisory that describes an insecure password storage vulnerability in their SANnav products.

Broadcom Advisory #6 - Broadcom published an advisory that discusses an off-by-one error vulnerability in their SANnav  products.

Broadcom Advisory #7 - Broadcom published an advisory that discusses an observable discrepancy vulnerability in their SANnav  products.

Broadcom Advisory #8 - Broadcom published an advisory that describes a use of static key ciphers vulnerability in in their SANnav products.

Broadcom Advisory #9 - Broadcom published an advisory that discusses a Java compromise vulnerability in their SANnav  products.

CODESYS Advisory - CODESYS published an advisory that describes nine vulnerabilities in their V2 runtime systems.

Hikvision Advisory - Hikvision published an advisory that describes two insufficient input validation vulnerabilities in their Hybrid SAN/Cluster Storage products.

HPE Advisory #1 - HPE published an advisory that describes a disclosure of sensitive information vulnerability in their NonStop DSM/SCM products.

HPE Advisory #2 - HPE published an advisory that describes a weak key exchange vulnerability in their StoreOnce Software.

Moxa Advisory - Moxa published an advisory that discusses an expression language injection vulnerability in the third-party Apache Struts product.

Phoenix Contact Advisory - Phoenix Contact republished an advisory that describes a missing authentication for critical function vulnerability with a known exploit in their ProConOS/ProConOS eCLR PLC runtime system.

QNAP Advisory - QNAP published an advisory that discusses an out-of-bounds write vulnerability with a known exploit in their NAS product.

Tanzu Advisory - Tanzu published an advisory that describes an expression injection vulnerability in their Spring Data MongoDB application.

WatchGuard Advisory #1 - WatchGuard published an advisory that describes an arbitrary file read vulnerability in their Firebox and XTM appliances.

WatchGuard Advisory #2 - WatchGuard published an advisory that describes a cross-site scripting vulnerability in their Fireware OS.

Watch Guard Advisory #3 - WatchGuard published an advisory that describes a buffer overflow vulnerability in their Fireware OS.

WatchGuard Advisory #4 - WatchGuard published an advisory that describes a stack-based buffer overflow vulnerability in their Fireware OS.

WatchGuard Advisory #5 - WatchGuard published an advisory that describes an information disclosure vulnerability in their Fireware OS.

WatchGuard Advisory #6 - WatchGuard published an advisory that describes a privilege escalation vulnerability in their Fireware OS.

WatchGuard Advisory #7 - WatchGuard published an advisory that describes an argument injection vulnerability in their Fireware OS.

CODESYS Update #1 - CODESYS published an update for their V2 product advisory that was originally published on June 9^th, 2022.

CODESYS Update #2 - CODESYS published an update for their Control V2 product advisory that was originally published on June 9^th, 2022.

HPE Update #1 - HPE published an update for their ProLiant BL/DL/ML/XL/MicroServer advisory that was originally published on May 10^th, 2022 and most recently updated on May 31^st, 2022.

HPE Update #2 - HPE published an update for their Superdome Flex advisory that was originally published on June 14^th, 2022.

HPE Update #3 - HPE published an update for their Superdome Flex Server advisory that originally published on June 7^th, 2022.

Schneider Update - Schneider published an update for their IGSS advisory that was originally published on June 14^th, 2022.

Siemens Exploit - Steffen Robertz published an exploit for a cross-site scripting vulnerability in the Siemens SINEMA Remote Connect product.

 

For more details on these disclosures, including links to researcher reports, 3^rd party advisories, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosure-week-of-6-18 - subscription required.