This week we have thirteen vendor disclosures from Carrier, HPE (2), Insyde (3), Palo Alto Networks (3), Phoenix Contact, QNAP, Riello, and VMware. There is also an update from HPE.
In Part 2, I will look at advisories and updates for products from FortiGuard, Schneider and Siemens.
Advisories
Carrier Advisory - Carrier published an advisory that describes an authorization bypass vulnerability in their MASmobile Classic application.
HPE Advisory #1 - HPE published an advisory that describes a privileged information disclosure vulnerability in their Insight Remote Support (I-RS) product.
HPE Advisory #2 - HPE published an advisory that discusses 19 vulnerabilities in their Integrity MC990 X Server RMC firmware.
Insyde Advisory #1 - Insyde published an advisory that describes a memory leak vulnerability in their CapsuleIFWUSmm driver.
Insyde Advisory #2 - Insyde published an advisory that discusses an empty TPM platform authorization vulnerability.
Insyde Advisory #3 - Insyde published an advisory that describes a security boundary bypass vulnerability in the InsydeH2O UEFI.
Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes a cross-site scripting vulnerability in their PAN-OS product.
Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a privilege escalation vulnerability in their GlobalProtect App.
Palo Alto Networks Advisory #3 - Palo Alto Networks published an advisory that discusses the MOVEit Vulnerabilities.
Phoenix Contact Advisory - Phoenix Contact published an advisory that discusses two vulnerabilities in their FL MGUARD family.
QNAP Advisory - QNAP published an advisory that discusses four vulnerabilities in multiple products.
Riello Advisory - Incibe-CERT published an advisory that describes a CSRF token validation vulnerability in the Riello UPS Netman-204 network adapter.
VMware Advisory - VMware published an advisory that describes an authentication bypass vulnerability in their Tools product.
Updates
HPE Update - HPE published an update for their NonStop servers advisory that was originally published on March 16th, 2023.
For more details about these disclosures, including links to third-party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-6-7ce - subscription required.