Saturday, October 29, 2022

Review – Public ICS Disclosures – Week of 10-22-22

This week we have six vendor disclosures from Aruba Networks, HP, InHand Networks, Sick, and Wireshark (2). We also have a vendor update from VMware. Then there are two researcher reports for products from Delta Electronics. Finally, we have an exploit for products from Siemens.


Aruba Advisory - Aruba published an advisory describing sixteen vulnerabilities in their ArubaOS.

HP Advisory - HP published an advisory that describes a denial-of-service vulnerability in a number of their printers.

InHand Advisory - InHand published an advisory that describes six vulnerabilities (with proof-of-concept code available) in their Industrial Router IR302.

Sick Advisory - Sick reportedly published an advisory that describes a password recovery vulnerability in the SIMs products, but a problem with their PSIRT web page prevents access to the link to the advisory.

VMware Advisory - VMware published an advisory that discusses two vulnerabilities (one with a known exploit) in the Cloud Foundation product.

Wireshark Advisory #1 - Wireshark published an advisory that describes a code injection vulnerability in their OPUS dissector.

Wireshark Advisory #2 - Wireshark published an advisory that describes a code injection vulnerability in their USB-HID dissector.

Delta Report #1 - Tenable published a report (with proof of concept code) describing two SQL injection vulnerabilities in the Delta DIAEnergie product.

NOTE: These appear to be separate from the three SQL injection vulnerabilities reported by NCCIC-ICS earlier this week.

Delta Report #2 - AWESEC published a report describing an SQL injection vulnerability in the Delta DIAEnergie product.

NOTE: This appears to be separate from the three SQL injection vulnerabilities reported by NCCIC-ICS earlier this week.

Siemens Exploit - RoseSecurity published a Metasploit module for an authentication bypass vulnerability in the Siemens APOGEE PXC BACnet Automation Controllers and TALON TC BACnet Automation Controllers.


For more details on these disclosures, including links to third-party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-89e - subscription required.
