This week we have six vendor disclosures from Cisco, Draeger, Omron (2), Philips, and VMware. There are seven vendor updates from Palo Alto Networks, QNAP (5), and Schneider. Finally, we have two exploits for products from VMware.
Advisories
Cisco Advisory - Cisco published an advisory that describes two vulnerabilities in their Industrial Network Director (IND).
Draeger Advisory - Draeger published an advisory that discusses the status of TLS 1.0, which has been deprecated by the Internet Engineering Task Force.
Omron Advisory #1 - Omron published an advisory that describes a missing authentication for critical function vulnerability in their CS/CJ series Programmable Controllers.
Omron Advisory #2 - Omron published an advisory that describes seven vulnerabilities in their Factory Interface Network Service message communications protocol.
Philips Advisory - Philips published an advisory that discusses a Windows privilege escalation vulnerability that has been exploited in the wild.
VMware Advisory - VMware has published an advisory that describes two vulnerabilities in their Aria Operations for Logs product.
Updates
Palo Alto Networks Update - Palo Alto Networks published an update for their PAN-OS advisory that was originally published on April 12th, 2023.
QNAP Update #1 - QNAP published an update for their sudo advisory that was originally published on March 30th, 2023.
QNAP Update #2 - QNAP published an update for their QTS, QuTS hero, QuTScloud, QVP, and QVR advisory that was originally published on March 30th, 2023.
QNAP Update #3 - QNAP published an update for their QTS, QuTS hero, QuTScloud, and QVP advisory that was originally published on March 30th, 2023.
QNAP Update #4 - QNAP published an update for their Buffer Overflow Vulnerability in Samba advisory that was originally published on March 30th, 2023.
QNAP Update #5 - QNAP published an update for their Buffer Overflow Vulnerabilities in Samba advisory that was originally published on March 30th, 2023.
Schneider Update - Schneider published an update for their Easy UPS Online Monitoring Software advisory that was originally published on April 11th, 2023.
Exploits
VMware Exploit #1 - Mr_me published a Metasploit module for an improper privilege management vulnerability in the VMware Workspace One product.
VMware Exploit #2 - Mr_me published a Metasploit module for three vulnerabilities in the VMware Workspace One product.
For more details about these disclosures, including links to 3rd party advisories and brief descriptions of changes made in updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-c16 - subscription required.