This is a moderately busy Saturday after 2nd Tuesday. For Part 1 this week, we have fifteen vendor disclosures from Aruba, Bentley (3), Eaton, GE Healthcare, Hitachi Energy, HP, Palo Alto Networks, Phoenix Contact, PulseSecure, Softing (2), TandD, and VMware.
Aruba Advisory - Aruba published an advisory describing three vulnerabilities in their EdgeConnect Enterprise Orchestrator.
Bentley Advisory #1 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-Based Applications.
Bentley Advisory #2 - Bentley published an advisory that describes a stack-based buffer overflow vulnerability in their MicroStation and MicroStation-Based Applications.
Bentley Advisory #3 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-Based Applications.
Eaton Advisory - Eaton published an advisory that describes an unrestricted file upload vulnerability in their Foreseer EPMS.
GE Healthcare Advisory - GE published an advisory that provides guidance on securing serial ports in medical devices.
Hitachi Energy Advisory - Hitachi published an advisory that discusses two vulnerabilities in their MicroSCADA X DMS600 product.
HP Advisory - HP published an advisory that discusses eleven vulnerabilities in their GPU Display Driver.
Palo Alto Networks Advisory - Palo Alto Networks published an advisory that describes an authentication bypass vulnerability in their Pan-OS product.
Phoenix Contact Advisory - CERT-VDE published an advisory that discusses 83 vulnerabilities in the Phoenix Contact PLCnext Control.
PulseSecure Advisory - PulseSecure published an advisory that describes two denial of service vulnerabilities in their Ivanti Connect Secure products.
Softing Advisory #1 - Softing published an advisory that describes a use after free vulnerability in their OPC UA C++ SDK and OPC Suite products.
Softing Advisory #2 - Softing published an advisory that describes an input validation vulnerability in their OPC UA C++ SDK, Secure Integration Server, edgeConnector, edgeAggregator, uaGate and OPC Suite products.
TandD Advisory - TandD published an advisory that describes a denial-of-service vulnerability in their TR4 Series devices.
NOTE: TandD does not call this a ‘vulnerability’; they call it a problem “whereby internal communication between components fails”, which kind of sounds like a ‘denial-of-service’ vulnerability to me.
VMware Advisory - VMware published an advisory that describes an arbitrary file read vulnerability in their VMware vRealize Operations product.
For more information on these disclosures, including links to third-party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-c00 - subscription required.