This week we have eighteen vendor disclosures from BD, Belden (2), Bosch (2), GE Gas Power (2), Genetec, Hitachi Energy (4), HPE, Mitsubishi, Moxa, Omron, Schneider, and VMware. There are two vendor updates from HPE and Mitsubishi. Finally, we have an FDA report on the Illumina vulnerabilities.
Advisories
BD Advisory - BD published an advisory that describes a credential sharing incident that could affect their BD Kiestra product.
Belden Advisory #1 - Belden published an advisory that discusses an integer overflow or wraparound vulnerability in their HiSecOS and Cellular Router products.
Belden Advisory #2 - Belden published an advisory that discusses two vulnerabilities in their Hirschmann product line.
Bosch Advisory #1 - Bosch published an advisory that describes an incorrect authorization vulnerability in their B420 Ethernet communication module.
Bosch Advisory #2 - Bosch published an advisory that discusses a use of obsolete function vulnerability in their SLC-0-GPNT00300 interface module.
GE Gas Power Advisory #1 - GE published an advisory that discusses a path traversal vulnerability in multiple products.
GE Gas Power Advisory #2 - GE published an advisory that discusses a buffer underflow vulnerability in multiple products.
Genetec Advisory - Genetec published an advisory that discusses three vulnerabilities in the Security Center product.
Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that discusses eight vulnerabilities in their Modular Switchgear Monitoring product.
Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that discusses four vulnerabilities in their RTU500 series product.
Hitachi Energy Advisory #3 - Hitachi Energy published an advisory that discusses two vulnerabilities in their RTU500 series product.
Hitachi Energy Advisory #4 - Hitachi Energy published an advisory that discusses two vulnerabilities in their AFS65x, AFS67x, AFR67x and AFF66x series Products.
HPE Advisory - HPE published an advisory that describes an arbitrary code execution vulnerability in their ProLiant RL300 Gen11 Server.
Mitsubishi Advisory - Mitsubishi published an advisory that discusses nine vulnerabilities in their FA product line.
Moxa Advisory - Moxa published an advisory that discusses two Trusted Computing Group TPM2.0 implementation vulnerabilities.
Omron Advisory - Omron published an advisory that describes a heap-based buffer overflow vulnerability in their CX-drive support tool.
Schneider Advisory - Schneider published an advisory that discusses a recently published exploit for vulnerabilities in their KNX building automation systems.
VMware Advisory - VMware published an advisory that describes four vulnerabilities in their Workstation and Fusion products.
Updates
HPE Update - HPE published an update for their IceWall advisory that was originally published on March 9th, 2018 and most recently updated on January 27th, 2023.
Mitsubishi Update - Mitsubishi published an update for their Ethernet port of MELSEC and MELIPC Series advisory that was originally published on November 30th, 2021 and most recently updated on November 24th, 2022.
Reports
Illumina Report - The Federal Drug Administration (FDA) published a letter to healthcare providers on the Illumina vulnerabilities reported this week by CISA.
For more details on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-b33 - subscription required.