This week we have two new OpenSSL 3.0 vendor disclosures from Eurotech and Ruckus Wireless. There are 24 other vendor disclosures from ABB, BD (2), Genetec, Hitachi Energy (2), HPE (2), Inductive Automation, Insyde (8), Mitsubishi, Moxa, OPC Foundation, Phoenix Contact, Sick (2), and Siemens Healthineers. There are three vendor updates from HPE, Mitsubishi (2), and Palo Alto Networks. Finally, we have an exploit for products from Siemens.
OpenSSL 3.0 Vendor Disclosures
Eurotech published an OpenSSL 3.0 advisory. Eurotech reports that none of their products are affected.
Ruckus Wireless published an OpenSSL 3.0 advisory. Ruckus reports that none of their products are affected.
Vendor Disclosures
ABB Advisory - ABB published an advisory that describes a clear-text storage of credentials vulnerability in their PCM600 tool.
BD Advisory #1 - BD published an advisory that discusses an authentication bypass vulnerability with known exploit in their Kiestra products.
BD Advisory #2 - BD published a Third-Party Software Component End of Support notice for their Alaris products (products available in the US are not affected).
Genetec Advisory - Genetec published an advisory that discusses an improper authentication vulnerability in their Sipelia and Mission Control products (and various plugins).
Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that discusses a clear-text storage of credentials vulnerability in their IED Connectivity Packages (IED ConnPacks) and PCM600 products.
Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes an input validation vulnerability in their MicroSCADA Pro/X SYS600 products.
HPE Advisory #1 - HPE published an advisory that describes an unauthorized access vulnerability in their NetBatch-Plus software.
HPE Advisory #2 - HPE published an advisory that describes an authentication bypass vulnerability in their OfficeConnect network switches.
Inductive Automation Advisory - Inductive Automation published an advisory that discusses the Text4Shell vulnerability.
Insyde Advisory #1 - Insyde published an advisory that describes an untrusted pointer vulnerability in their UsbCoreDxe file.
Insyde Advisory #2 - Insyde published an advisory that describes an untrusted input vulnerability in their AhciBusDxe file.
Insyde Advisory #3 - Insyde published an advisory that describes an incorrect pointer check vulnerability in their FwBlockServiceSmm driver.
Insyde Advisory #4 - Insyde published an advisory that describes an incorrect pointer check vulnerability in their NvmExpressDxe driver.
Insyde Advisory #5 - Insyde published an advisory that describes an untrusted pointer vulnerability in their SdHostDriver and SdMmcDevice.
Insyde Advisory #6 - Insyde published an advisory that describes a race condition vulnerability in their UsbCoreDxe.
Insyde Advisory #7 - Insyde published an advisory that describes an initialization function vulnerability in their PnpSmm file.
Insyde Advisory #8 - Insyde published an advisory that describes an input address manipulation vulnerability in their PnpSmm function 0x52 file.
Mitsubishi Advisory - Mitsubishi published an advisory that discusses a denial-of-service vulnerability in multiple consumer products.
Moxa Advisory - Moxa published an advisory that describes an improper authentication vulnerability in their NE-4100T Series.
OPC Foundation Advisory - The OPC Foundation published an advisory that describes a privilege escalation vulnerability in their local discovery server.
Phoenix Contact Advisory - Phoenix Contact published an advisory that describes a denial-of-service vulnerability in their FL MGUARD and TC MGUARD devices.
Sick Advisory #1 - Sick published an advisory that describes an improper authorization vulnerability in their FlexiCompact products.
Sick Advisory #2 - Sick published an advisory that describes six missing authentication for critical function vulnerabilities in their SIM products.
Siemens Healthineers Advisory - Siemens published an advisory that describes seven vulnerabilities in their syngo Dynamics servers.
Vendor Updates
HPE Update - HPE published an update for their B-series SAN Switches advisory that was originally published on November 11th, 2022.
Mitsubishi Update #1 - Mitsubishi published an update for their Multiple FA Engineering Software Products advisory that was originally published on July 30th, 2020 and most recently updated on July 28th, 2022.
Mitsubishi Update #2 - Mitsubishi published an update for their Multiple FA Engineering Software Products advisory that was originally published on February 18th, 2021 and most recently updated on July 28th, 2021.
Palo Alto Networks Update - Palo Alto Networks published an update for their Cortex XSOAR advisory that was originally published on November 9th, 2022.
Exploits
Siemens Exploit - Mr me published a Metasploit module for a remote code execution vulnerability in the VMware NSX Manager XStream.
For more information on these disclosures, including links to researcher reports, third-party advisories, exploits, and one Russian commentary, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-f60 - subscription required.