Saturday, March 25, 2023

Review – Public ICS Disclosures – Week of 3-18-23

This week we have nine vendor disclosures from Aruba Networks, GE Gas Power (3), HP, Meinberg, Moxa, Philips, and WatchGuard. We also have eight vendor updates from Broadcom (2), Eaton, and HPE (5). Finally, we have five researcher reports for vulnerabilities in products from Insyde (3) and WellinTech (2).

Advisories

Aruba Advisory - Aruba published an advisory that describes a remote code execution vulnerability in their CX Switches.

GE Advisory #1 - GE published an advisory that discusses unnamed security issues with the Woodward MicroNet Plus 5200 CPU.

GE Advisory #2 - GE published an advisory that describes a deserialization vulnerability in their ToolboxST product.

GE Advisory #3 - GE published an advisory that discusses a buffer underwrite vulnerability in the FortiGuard FortiOS that affects the GE NetworkST4, Remote Operations Offering, and M&D Lockbox and S3C Firewall (60F) products.

HP Advisory - HP published an advisory that discusses 16 time-of-check to time-of-use vulnerabilities in a variety of their products.

Meinberg Advisory - Meinberg published an advisory that discusses eleven vulnerabilities in their LANTIME product.

Moxa Advisory - Moxa published an advisory that discusses two TCG TPM2.0 implementation vulnerabilities.

Philips Advisory - Philips published an advisory that discusses two remote code execution vulnerabilities.

WatchGuard Advisory - WatchGuard published an advisory that discusses an OpenSSH double free vulnerability.

Updates

Broadcom Update #1 - Broadcom published an update for their AMI MegaRAC Baseboard Management Controller that was originally published on December 9th, 2022.

Broadcom Update #2 - Broadcom published an update for their ksmb module in the Linux kernel advisory that was originally published on December 24th, 2022.

Eaton Update - Eaton published an update for their Ripple20 advisory that was originally published on June 23rd, 2020 and most recently updated on November 11th, 2020.

HPE Update #1 - HPE published an update for their ProLiant BL/DL/ML Servers advisory that was originally published on February 14th, 2023.

HPE Update #2 - HPE published an update for their Aruba ClearPass Policy Manager advisory that was originally published on March 15th, 2023.

HPE Update #3 - HPE published an update for their StoreEasy Servers advisory that was originally published on February 14th, 2023.

HPE Update #4 - HPE published an update for their Synergy Servers advisory that was originally published on February 14th, 2023.

HPE Update #5 - HPE published an update for their ProLiant DX Servers advisory that was originally published on February 14th, 2023.

Researcher Reports

Insyde Reports - BINARLY published three reports about vulnerabilities in the InsydeH2O products.

WellinTech Reports - Cisco Talos published two reports about vulnerabilities in the WellinTech KingHistorian.

 

For more details about these disclosures, including links to researcher reports, 3rd party advisories, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-434 - subscription required. 
