For Part 2 we have 26 additional vendor disclosures from Insyde (16), Moxa, Palo Alto Networks (2), Phoenix Contact, Schneider, Trumpf, VMware, Western Digital (2), and Wiesemann. There are nine vendor updates from Bosch, HPE, Schneider (5), and Siemens (2). We also have seven researcher reports for products from POWERCOM (4), Intel, SAE J2497, and ABB. Finally, we have an exploit for products from AVEVA.
Vendor Disclosures
Insyde Advisory #1 - Insyde published an advisory that
describes a race condition vulnerability in their IhisiSmm driver.
Insyde Advisory #2 - Insyde published an advisory that
describes a race condition vulnerability in their PnpSmm driver.
Insyde Advisory #3 - Insyde published an advisory that
describes a race condition vulnerability in their FvbServicesRuntimeDxe driver.
Insyde Advisory #4 - Insyde published an advisory that
describes a race condition vulnerability in their PcdSmmDxe driver.
Insyde Advisory #5 - Insyde published an advisory that
describes a race condition vulnerability in their SmmResourceCheckDxe driver.
Insyde Advisory #6 - Insyde published an advisory that
describes a race condition vulnerability in their AhciBusDxe software SMI
handler.
Insyde Advisory #7 - Insyde published an advisory that
describes a race condition vulnerability in their FwBlockServiceSmm software
SMI handler.
Insyde Advisory #8 - Insyde published an advisory that
describes a race condition vulnerability in their IdeBusDxe driver.
Insyde Advisory #9 - Insyde published an advisory that
describes a race condition vulnerability in their SdHostDriver.
Insyde Advisory #10 - Insyde published an advisory that
describes a race condition vulnerability in their HddPassword software.
Insyde Advisory #11 - Insyde published an advisory that
describes a race condition vulnerability in their Int15ServiceSmm software.
Insyde Advisory #12 - Insyde published an advisory that
describes a race condition vulnerability in their NvmExpressLegacy software.
Insyde Advisory #13 - Insyde published an advisory that
describes a race condition vulnerability in their SdMmcDevice software.
Insyde Advisory #14 - Insyde published an advisory that
describes a race condition vulnerability in their NvmExpressDxe software.
Insyde Advisory #15 - Insyde published an advisory that
describes a race condition vulnerability in their VariableRuntimeDxe software.
Insyde Advisory #16 - Insyde published an advisory that
describes a race condition vulnerability in their StorageSecurityCommandDxe
driver.
Moxa Advisory - Moxa published an
advisory that describes three vulnerabilities in their VPort Series IP
cameras.
Palo Alto Networks Advisory #1 - Palo Alto Networks
published an
advisory that discusses the Text4Shell
vulnerability.
Palo Alto Networks Advisory #2 - Palo Alto Networks
published an
advisory that describes a privilege escalation vulnerability in their Cortex
XSOAR Engine.
Phoenix Contact Advisory - Phoenix Contact published an
advisory that describes two vulnerabilities in their Automation Worx
Software Suite.
Schneider Advisory - Schneider published an
advisory that describes three vulnerabilities in their NetBotz 4 security
and environmental monitors.
TRUMPF Advisory - CERT-VDE published an advisory that
discusses two vulnerabilities in the TRUMPF TruControl laser control software.
VMware Advisory - VMware published an
advisory that describes five vulnerabilities in their Workspace ONE Assist
product.
Western Digital Advisory #1 - Western Digital
published an
advisory that describes a path traversal vulnerability in their My Cloud
Home and SanDisk ibi devices.
Western Digital Advisory #2 - Western Digital
published an end-of-life
notice for their EdgeRover™ software.
Wiesemann Advisory - CERT-VDE published an advisory that describes three vulnerabilities in the Wiesemann Com-Server Family.
Vendor Updates
Bosch Update - Bosch published an
update for their BF-OS advisory that was originally
published on August 1st, 2022.
HPE Update - HPE published an
update for their BackBox Software advisory that was originally published on
June 16th, 2021.
Schneider Update #1 - Schneider published an
update for their EcoStruxure EV Charging Expert advisory that was originally
published on February 8th, 2022.
Schneider Update #2 - Schneider published an
update for their BadAlloc advisory
that was originally
published on November 9th, 2021 and most
recently updated on October 11th, 2022.
Schneider Update #3 - Schneider published an
update for their ISaGRAPH advisory that was originally
published on June 8th, 2021 and most
recently updated on September 14th, 2021.
Schneider Update #4 - Schneider published an
update for their homeLYnk advisory that was originally
published on May 11th, 2021.
Siemens Update - Siemens published an update for their TCP/IP Stack of Nucleus RTOS advisory that was originally published on February 9th, 2021.
Researcher Reports
POWERCOM Report #1 - AWESEC published a report describing a
clear-text transmission of sensitive information vulnerability in the POWERCOM UPSMON
PRO UPS monitor.
POWERCOM Report #2 - AWESEC published a report describing
an insecure storage of credentials vulnerability in the POWERCOM UPSMON PRO UPS
monitor.
POWERCOM Report #3 - AWESEC published a report describing a
path traversal vulnerability in the POWERCOM UPSMON PRO UPS monitor.
POWERCOM Report #4 - AWESEC published a report describing an
authentication bypass vulnerability in the POWERCOM UPSMON PRO UPS monitor.
Intel Report - BINARLY published a report describing
a stack-based buffer overflow vulnerability in the Intel UEFI DXE driver; the
report includes proof-of-concept code.
SAE J2497 Report - IOActive published a
report describing a remote write vulnerability in equipment supporting the SAE
J2497 standard for Power Line Communications (also known as “PLC4TRUCKS”).
ABB Report - Claroty published a report describing a path traversal vulnerability in the ABB Totalflow TCP protocol; report includes proof-of-concept code.
Exploits
AVEVA Exploit - Jens Regel published an exploit for a path
traversal vulnerability in the AVEVA Access Anywhere Secure Gateway.
For more details about these disclosures, including
third-party advisories and researcher reports – see my article at CFSN Detailed
Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-9c4
- subscription required.
Posts
No comments:
Post a Comment