Sunday, August 28, 2022

Review – Public ICS Disclosures – Week of 8-20-22

This week we have five vendor disclosures from ABB, GE Gas Power (2), HP, and VMware. There is a vendor update from Dell. Finally, there is a researcher report for products from Omron.

ABB Advisory - ABB published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their ARM600 M2M Gateway.

GE Advisory #1 - GE published an advisory that describes an HTTP request/response splitting vulnerability in their Workstation ST products.

GE Advisory #2 - GE published an advisory that describes a cross-site scripting vulnerability in their Workstation ST products.

HP Advisory - HP published an advisory that describes a denial-of-service vulnerability in their HP PageWide Pro printers.

VMware Advisory - VMware published an advisory that describes a privilege escalation vulnerability in their VMware Tools product.

NOTE: This is being reported as a third-party vulnerability on some Linux distributions by OpenWall and Debian. This may show up as a third-party vulnerability in other products.

Dell Update - Dell published an update for their Log4Shell advisory.

Omron Report - The Zero Day Initiative published a report describing a use-after-free vulnerability in the Omron CS-One CX Programmer module.

 

For more details about these disclosures, including links to third-party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8-9dc - subscription required.
