Sunday, July 31, 2022

Review – Public ICS Disclosure – Week of 7-23-22 – Part 2

For Part 2 this week we have three additional vendor disclosures from FileWave, OPCLabs, and Unified Automation. We also have nine vendor updates from CODESYS, HP, Mitsubishi (3), VMware, and Yokogawa (3). We also have four researcher reports for products from DD-WRT, Asuswrt, FreshTomato, and Nuki. Finally, we have two exploits for products from Dingtian, and Roxy-WI.

FileWave Advisory - FileWave published a blog post that describes two vulnerabilities in their FileWave Management Suite.

OPC Labs Advisory - OPC Labs published an advisory that describes a deserialization of untrusted data vulnerability in their QuickOPC Connectivity Explorer.

Unified Automation Advisory - Incibe CERT published an advisory that describes two vulnerabilities in the Unified Automation's OPC UA C++ Demo Server.

CODESYS Update - CODESYS published an update for their Development System V3 advisory that was originally published on July 15th, 2021 and most recently updated on June 3rd, 2022.

HP Update - HP published an update for their NVIDIA GPU Display Driver advisory that was originally published on June 2nd, 2022 and most recently updated on June 23rd, 2022.

Mitsubishi Update #1 - Mitsubishi published an update for their Multiple FA Products advisory that originally published on July 30th, 2020 and most recently updated on May 27th, 2021.

NOTE: NCCIC-ICS did not update their advisory (ICSA-20-212-03) for this information.

Mitsubishi Update #2 - Mitsubishi published an update for their Multiple FA Engineering Software Products advisory that was originally published on February 18th, 2021 and most recently updated on May 24th, 2022.

NOTE: NCCIC-ICS did not update their advisory (ICSA-21-049-02) for this information.

Mitsubishi Update #3 - Mitsubishi published an update for their Multiple FA Engineering Software Products advisory that originally published on July 30th, 2020 and most recently updated on May 24th, 2022.

NOTE: NCCIC-ICS did not update their advisory (ICSA-20-212-04) for this information.

VMware Update - VMware published an update for their vCenter Server advisory that was originally published on July 12th, 2022.

Yokogawa Update #1 - Yokogawa published an update for their Wide Area Communication Router advisory that originally published on June 30th, 2022.

NOTE: NCCIC-ICS did not need to update their advisory (ICSA-22-181-02) for this information.

Yokogawa Update #2 - Yokogawa published an update for their CAMS for HIS advisory that was originally published on May 27th, 2022.

Yokogawa Update #3 - Yokogawa published an update for their OT:ICEFALL advisory that was originally published on June 21st. 2022. The new information includes adding fix for FCN/FCJ basic software.

NOTE: NCCIC-ICS did not update their advisory (ICSA-22-174-01) for this new information.

DD-WRT Report - Talos published a report that describes a memory corruption vulnerability in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599.

Asuswrt Report - Talos published a report that describes a memory corruption vulnerability in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.

FreshTomato Report - Talos published a report that describes a memory corruption vulnerability in the httpd unescape functionality of FreshTomato 2022.1

Nuki Report - NCC Group published a report that describes nine vulnerabilities in the Nuki smart locks.

Dingtian Exploit - Victor Hanna published an exploit for an authentication bypass vulnerability in the Dingtian-DT-R002 2Channel relay board.

Roxy-WI Exploit - Nuri Cilengir published a Metasploit module for a command injection vulnerability in the Roxy-WI web interface.

 

For more information on these disclosures, including summaries of changes made in updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosure-week-of-7-23-9aa - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */