Review – Public ICS Disclosures – Week of 11-12-22

This week we have two new OpenSSL 3.0 vendor disclosures from Eurotech, Ruckus Wireless. There are 24 other vendor disclosures from ABB, BD (2), Genetec, Hitachi Energy (2), HPE (2), Inductive Automation, Insyde (8), Mitsubishi, Moxa, OPC Foundation, Phoenix Contact, Sick (2), and Siemens Healthineers. There are three vendor updates from HPE, Mitsubishi (2), Palo Alto Networks. Finally, we have an exploit for products from Siemens.

OpenSSL 3.0 Vendor Disclosures

Eurotech published an OpenSSL 3.0 advisory. Eurotech reports that none of their products are affected.

Ruckus Wireless published an OpenSSL 3.0 advisory. Ruckus reports that none of their products are affected.

Vendor Disclosures

ABB Advisory - ABB published an advisory that describes a clear-text storage of credentials vulnerability in their PCM600 tool.

BD Advisory #1 - BD published an advisory that discusses an authentication bypass vulnerability with known exploit in their Kiestra products.

BD Advisory #2 - BD published a Third-Party Software Component End of Support notice for their Alaris products (products available in US are not affected).

Genetec published an advisory that discusses an improper authentication vulnerability in their Sipelia and Mission Control products (and various plugins).

Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that discusses a clear-text storage of credentials vulnerability in their IED Connectivity Packages (IED ConnPacks) and PCM600 Products.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes an input validation vulnerability in their MicroSCADA Pro/X SYS600 products.

HPE Advisory #1 - HPE published an advisory that describes an unauthorized access vulnerability in their NetBatch-Plus software.

HPE Advisory #2 - HPE published an advisory that describes an authentication bypass vulnerability in their OfficeConnect network switches.

Inductive Automation Advisory - Inductive Automation published an advisory that discusses the Text4Shell vulnerability.

Insyde Advisory #1 - Insyde published an advisory that describes an untrusted pointer vulnerability in their UsbCoreDxe file.

Insyde Advisory #2 - Insyde published an advisory that describes an untrusted input vulnerability in their AhciBusDxe file.

Insyde Advisory #3 - Insyde published an advisory that describes an incorrect pointer check vulnerability in their FwBlockServiceSmm driver.

Insyde Advisory #4 - Insyde published an advisory that describes an incorrect pointer check vulnerability in their NvmExpressDxe driver.

Insyde Advisory #5 - Insyde published an advisory that describes an untrusted pointer vulnerability in their SdHostDriver and SdMmcDevice.

Insyde Advisory #6 - Insyde published an advisory that describes a race condition vulnerability in their UsbCoreDxe.

Insyde Advisory #7 - Insyde published an advisory that describes an initialization function vulnerability in their PnpSmm file.

Insyde Advisory #8 - Insyde published an advisory that describes an input address manipulation vulnerability in their PnpSmm function 0x52 file.

Mitsubishi Advisory - Mitsubishi published an advisory that discusses a denial-of-service vulnerability in multiple consumer products.

Moxa Advisory - Moxa published an advisory that describes an improper authentication vulnerability in their NE-4100T Series.

OPC Foundation Advisory - The OPC Foundation published an advisory that describes a privilege escalation advisory in their local discovery server.

Phoenix Contact Advisory - Phoenix Contact published an advisory that describes a denial-of-service vulnerability in their FL MGUARD and TC MGUARD devices.

Sick Advisory #1 - Sick published an advisory that describes an improper authorization vulnerability in their FlexiCompact products.

Sick Advisory #2 - Sick published an advisory that describes six missing authentication for critical function vulnerabilities in their SIM products.

Siemens Healthineers - Siemens published an advisory that describes seven vulnerabilities in their syngo Dynamics servers.

Vendor Updates

HPE Update - HPE published an update for their B-series SAN Switches advisory that was originally published on November 11^th, 2022.

Mitsubishi Update #1 - Mitsubishi published an update for their Multiple FA Engineering Software Products advisory that was originally published on July 30^th, 2020 and most recently updated on July 28^th, 2022.

Mitsubishi Update #2 - Mitsubishi published an update for their Multiple FA Engineering Software Products advisory that was originally published on February 18^th, 2021 and most recently updated on July 28^th, 2021.

Palo Alto Networks Update - Palo Alto Networks published an update for their Cortex XSOAR advisory that was originally published on November 9^th, 2022.

Exploits

Siemens Exploit - Mr me published an Metasploit module for a remote code execution vulnerability in the VMware NSX Manager XStream.

For more information on these disclosures, including links to researcher reports, 3^rd party advisories, exploits, and one Russian commentary, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-f60 - subscription required.