This week we have six vendor disclosures from ABB, Belden, GE Gas Power, Palo Alto Networks, Ruckus Wireless, and Yokogawa. We also have four vendor updates for products from Aruba Networks and CODESYS (3).
Advisories
ABB Advisory - ABB published an advisory that describes an insecure storage of sensitive information in their My Control System (on-premise).
Belden Advisory - Belden published an advisory that describes a privilege escalation vulnerability in their Hirschmann Industrial HiVision product.
GE Advisory - GE Gas Power published an advisory that discusses a path traversal vulnerability in multiple products. This is a third-party (Fortinet) vulnerability.
Palo Alto Networks Advisory - Palo Alto Networks published an advisory that discusses the DLL side loading vulnerability utilized by the Rorschach ransomware.
Ruckus Advisory - Ruckus published an advisory that discusses the Framing Frames vulnerability.
Yokogawa Advisory - Yokogawa published an advisory that describes an elevation of privilege vulnerability in their CENTUM Authentication Mode.
Updates
Aruba Update - Aruba published an update for their Framing Frames advisory that was originally published on March 30th, 2023.
CODESYS Update #1 - CODESYS published an update that provides additional information for their runtime system V3 communication server advisory that was originally published on February 23rd, 2023 and most recently updated on March 8th, 2023.
CODESYS Update #2 - CODESYS published an update that provides additional information for their Control V3 advisory that was originally published on February 23rd, 2023 and most recently updated on March 8th, 2023.
CODESYS Update #3 - CODESYS published an update that provides additional information for their Control V3 file access advisory that was originally published on February 23rd, 2023 and most recently updated on March 8th, 2023.
Reports
AMD Reports - Binarly published three reports about vulnerabilities in the SMM Driver On AMD-Based Gigabyte Devices.
For more details on these disclosures, including links to 3rd party advisories and a brief description of changes made in the updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosure-week-of-4-1 - subscription required.