Saturday, February 4, 2023

Review – Public ICS Disclosures – Week of 1-28-23

This week we have twelve vendor disclosures from BaiCells, B&R, Hitachi, HP, HPE, JTEKT Electronics, Moxa, Pulse Secure (2), QNAP, and VMware (2). There is also a vendor update from VMware. Finally, we have two researcher reports: one for products from Sierra Wireless and one describing vulnerabilities in the Open Charge Point Protocol used by electric vehicle charging stations.

Advisories

BaiCells Advisory - BaiCells published an advisory that describes a use of hard-coded credentials vulnerability in their Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices.

B&R Advisory - B&R published an advisory that describes five vulnerabilities in their APROL database.

Hitachi Advisory - Hitachi published an advisory that discusses 60 vulnerabilities in their Disk Array Systems.

HP Advisory - HP published an advisory that describes an escalation of privilege vulnerability in their Factory Preinstalled Images.

HPE Advisory - HPE published an advisory that discusses a use-after-free vulnerability in their HPE OneView.

JTEKT Advisory - JP CERT published an advisory that describes seven vulnerabilities in the JTEKT Screen Creator Advance product.

Moxa Advisory - Moxa published an advisory that describes six vulnerabilities in their SDS-3008 Series web server.

Pulse Secure Advisory #1 - Pulse Secure published an advisory that discusses four OpenSSL vulnerabilities.

Pulse Secure Advisory #2 - Pulse Secure published an advisory that describes a cross-site request forgery vulnerability in their Pulse Connect Secure.

QNAP Advisory - QNAP published an advisory that describes an SQL injection vulnerability in their QTS or QuTS hero products.

VMware Advisory #1 - VMware published an advisory that describes a cross-site request forgery bypass vulnerability in their vRealize Operations (vROps).

VMware Advisory #2 - VMware published an advisory that describes an arbitrary file deletion vulnerability in their VMware Workstation product.

Updates

VMware Update - VMware published an update for their vRealize Log Insight advisory that was originally published on January 24th, 2023.

Researcher Reports

Sierra Wireless Report - Otorio published a report describing two vulnerabilities in the Sierra Wireless AirLink products. The report contains proof-of-concept code.

OCPP Report - SaiFlow published a report describing two vulnerabilities in the WebSocket communications used by the Open Charge Point Protocol (OCPP).


For more details about these disclosures, including links to researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-768 - subscription required.
