Saturday, April 15, 2023

Review – Public ICS Disclosures – Week of 4-8-23 – Part 1

And once again it is the Saturday after Cyber Tuesday. For Part 1, we have 34 vendor disclosures from B&R, Flexera, Hikvision, HMS, HP, HPE (3), Insyde (8), Meinberg, Palo Alto Networks (3), Phoenix Contact, Sick, Tanzu (9), and Wireshark (3).

NOTE: It has become obvious that FortiGuard has joined the ranks of organizations that report vulnerabilities en masse on Cyber Tuesday. As such, they will join Schneider and Siemens in being reported in a subsequent Part of the weekend’s Public ICS Disclosure.

Advisories

B&R Advisory - B&R published an advisory that discusses three vulnerabilities in their B&R VC4 Visualization product.

Flexera Advisory - Flexera published an advisory that discusses four vulnerabilities in their FlexNet Publisher product.

Hikvision Advisory - Hikvision published an advisory that describes an improper access control vulnerability in their Hybrid SAN/Cluster Storage products.

HMS Advisory - HMS published an advisory that discusses the INFRA:HALT vulnerabilities.

HP Advisory - HP published an advisory that discusses 31 vulnerabilities in their Device Manager product.

HPE Advisory #1 - HPE published an advisory that describes six disclosure of sensitive information vulnerabilities in their OneView product.

HPE Advisory #2 - HPE published an advisory that describes a disclosure of sensitive information vulnerability in their OneView "Migrate Server Hardware" Option.

HPE Advisory #3 - HPE published an advisory that describes two disclosure of sensitive information vulnerabilities in their OneView Global Dashboard.

Insyde Advisory #1 - Insyde published an advisory that describes a memory corruption vulnerability in their FTBS SMI Handler.

Insyde Advisory #2 - Insyde published an advisory that describes an insufficient input validation vulnerability in their ChipsetSvcSmm.

Insyde Advisory #3 - Insyde published an advisory that describes an Smm RAM corruption vulnerability in their IhisiServicesSmm.

Insyde Advisory #4 - Insyde published an advisory that describes an SMMRAM corruption vulnerability in their IhisiServicesSmm.

Insyde Advisory #5 - Insyde published an advisory that describes a malformed pointer vulnerability in their IhisiServicesSmm.

Insyde Advisory #6 - Insyde published an advisory that discusses a buffer underflow vulnerability in their MdeModulePkg/PiSmmCore.

Insyde Advisory #7 - Insyde published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their NetworkPkg/IScsiDxe.

Insyde Advisory #8 - Insyde published an advisory that describes a buffer overflow vulnerability in their IhisiSmm.

Meinberg Advisory - Meinberg published an advisory that discusses five NTP vulnerabilities reported by spwpun.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes an exposure of sensitive system information to unauthorized actor vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a TOCTOU race condition vulnerability in their GlobalProtect App.

Palo Alto Networks Advisory #3 - Palo Alto Networks published an advisory that describes an improper handling of exceptional conditions vulnerability in their PAN-OS.

Phoenix Contact Advisory - Phoenix Contact published an advisory that describes a path traversal vulnerability in their ENERGY AXC PU, SMARTRTU AXC and Infobox products.

Sick Advisory - Sick published an advisory that describes a use of obsolete function vulnerability in their Flexi Soft and Flexi Classic Gateways products.

Tanzu Advisory #1 - Tanzu published an advisory that discusses six Ubuntu vulnerabilities that affect the Tanzu Operations Manager.

Tanzu Advisory #2 - Tanzu published an advisory that discusses an integer overflow or wraparound vulnerability in their Platform Automation Toolkit and Operations Manager products.

Tanzu Advisory #3 - Tanzu published an advisory that discusses an integer overflow or wraparound vulnerability in their Greenplum for Kubernetes product.

Tanzu Advisory #4 - Tanzu published an advisory that discusses eight Ubuntu vulnerabilities in the Tanzu Greenplum for Kubernetes product.

Tanzu Advisory #5 - Tanzu published an advisory that discusses two Ubuntu vulnerabilities in the Tanzu Isolation Segment, Operations Manager and Tanzu Application Service products.

Tanzu Advisory #6 - Tanzu published an advisory that discusses an interpretation conflict vulnerability in the Tanzu Isolation Segment and Tanzu Application Service products.

Tanzu Advisory #7 - Tanzu published an advisory that discusses three Ubuntu vulnerabilities in the Tanzu Isolation Segment and Tanzu Application Service products.

Tanzu Advisory #8 - Tanzu published an advisory that discusses two Ubuntu vulnerabilities in the Tanzu Isolation Segment, Operations Manager and Tanzu Application Service products.

Tanzu Advisory #9 - Tanzu published an advisory that discusses a denial of service vulnerability in their Platform Automation Toolkit.

Wireshark Advisory #1 - Wireshark published an advisory that describes a packet injection vulnerability in their RPCoRDMA dissector.

Wireshark Advisory #2 - Wireshark published an advisory that describes a packet injection vulnerability in their LISP dissector.

Wireshark Advisory #3 - Wireshark published an advisory that describes a packet injection vulnerability in their GQUIC dissector. Wireshark has new versions that mitigate the vulnerability.

 

For more details about these disclosures, including links to third-party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-afc - subscription required.
