Saturday, September 3, 2022

Review – Public ICS Disclosure – Week of 8-27-22

This week we have twelve vendor disclosures from Aruba, Contec, GE Grid Solutions (2), HPE (3), Johnson Controls, Ovarro (2), Rockwell Automation, and Yokogawa. We also have three vendor updates from Mitsubishi, QNAP, and VMware.

Aruba Advisory - Aruba published an advisory that describes twelve vulnerabilities in their AOS-CX switches.

Contec Advisory - JP-CERT published an advisory that describes two vulnerabilities in the Contec FLEXLAN FX3000 wireless LAN.

GE Grid Advisory #1 - GE Grid published an advisory that describes a vulnerability in their Reason RT430/RT434 – GPS/GNSS Precision Clocks.

GE Grid Advisory #2 - GE Grid published an advisory that describes a vulnerability in their Reason RT431 - Time Code Generator.

HPE Advisory #1 - HPE published an advisory that discusses a privilege escalation vulnerability in their ProLiant Apollo, XL Servers.

HPE Advisory #2 - HPE published an advisory that discusses an information disclosure vulnerability in their HPE Apollo, XL Servers.

HPE Advisory #3 - HPE published an advisory that discusses a privilege escalation vulnerability in their Superdome Flex 280 Servers.

Johnson Controls Advisory - Johnson Controls published an advisory that describes a command injection vulnerability in their iSTAR Ultra door controller.

Ovarro Advisory #1 - Ovarro published an advisory that discusses four vulnerabilities in their Kingfisher Toolbox Plus software.

Ovarro Advisory #2 - Ovarro published an advisory that discusses four vulnerabilities in their Seprol range of S2000 WITS RTUs.

Rockwell Advisory - Rockwell published an advisory that discusses two vulnerabilities in their KEPServer Enterprise.

Yokogawa Advisory - Yokogawa published an advisory that discusses an insufficient verification of data authenticity vulnerability in their STARDOM controller.

NOTE: This is an OT:ICEFALL vulnerability, the first that I recall seeing being reported as a third-party vulnerability.

Mitsubishi Update - Mitsubishi published an update for their GENESIS64™ and MC Works64 advisory that was originally published on July 19th, 2022.

NOTE: NCCIC-ICS did not update their advisory (ICSA-22-202-04) for this information.

QNAP Update - QNAP published an update for their Samba advisory that was originally published on August 16th, 2022.

VMware Update - VMware published an update for their VMware Tools advisory that was originally published on August 23rd, 2022.

 

For more details about these disclosures, including links to third-party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosure-week-of-8-27 - subscription required.
