Saturday, December 10, 2022

Review – Public ICS Disclosures – Week of 12-3-22

This week we have a vendor OpenSSL 3.0 vulnerability advisory from Hitachi Energy. We have nine other vendor disclosures from Aruba Networks, Broadcom, HP (2), Sprecher Automation (2), VMware, and Wireshark (2). Finally, we have three exploits for products from Delta Electronics (2) and VMware.

OpenSSL 3.0 Advisory

Hitachi Energy Advisory - Hitachi published an advisory that discusses the OpenSSL 3.0 vulnerabilities.

Other Vendor Advisories

Aruba Advisory - Aruba published an advisory that describes twelve vulnerabilities (one with a known exploit) in their ClearPass Policy Manager.

Broadcom Advisory - Broadcom published an advisory that discusses the BMC&C vulnerabilities.

HP Advisory #1 - HP published an advisory that discusses the Sweet32 vulnerabilities in a number of their printer products.

HP Advisory #2 - HP published an advisory that describes a privilege escalation vulnerability in their HPSFViewer.

Sprecher Advisory #1 - Sprecher published an advisory that describes a code-injection vulnerability in their SPRECON products.

Sprecher Advisory #2 - Sprecher published an advisory that describes a hard-coded credentials vulnerability in their SPRECON products.

NOTE: Both Sprecher advisories were published in a single document.

VMware Advisory - VMware published an advisory that describes four vulnerabilities in their ESXi and vCenter Server. The

Wireshark Advisory #1 - Wireshark published an advisory that describes infinite loop vulnerabilities in their BPv6, OpenFlow, and Kafka protocol dissectors.

Wireshark Advisory #2 - Wireshark published an advisory that describes a memory exhaustion vulnerability in their Kafka dissector.

Exploits

Delta Exploit #1 - T Weber published an exploit for command injection and cross-site scripting vulnerabilities in the Delta DX-2100-L1-CN.

Delta Exploit #2 - T Weber published an exploit for a command injection vulnerability in the Delta DVW-W02W2-E2.

VMware Exploit - H00die published a Metasploit module for a privilege escalation vulnerability in the VMware vCenter and vScalation products.

 

For more details about these disclosures, including links to exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-12-420 - subscription required.

