Saturday, July 22, 2023

Review – Public ICS Disclosures – Week of 7-15-22

This week we have nine vendor disclosures from Aqua eSolutions, Belden, HP (2), SEL (2), Sierra Wireless, Splunk, and Zyxel. There are two vendor updates from AMI and HPE. We also have three researcher reports about vulnerabilities in products from Tesla. Finally, we have two exploits for products from ABB and Hikvision.

Advisories

Aqua Advisory - Incibe CERT published an advisory that describes a relative path traversal vulnerability in their Aqua Drive.

Belden Advisory - Belden published an advisory that discusses an undescribed JavaSE vulnerability in several of their Belden and Hirschmann products.

HP Advisory #1 - HP published an advisory that discusses two vulnerabilities in their Security Manager and Web Jetadmin products.

HP Advisory #2 - HP published an advisory that describes an elevation of privilege vulnerability in their LaserJet Pro print products.

SEL Advisory #1 - SEL published a new version notice for their SEL-5030 acSELerator QuickSet software that addresses seven briefly described cybersecurity issues.

SEL Advisory #2 - SEL published a new version notice for their SEL-5036 acSELerator Bay Screen Builder Software that addresses a software validation issue.

Sierra Wireless Advisory - Sierra Wireless published an advisory that briefly discusses a Cl0p ransomware attack on a Sierra Wireless corporate server.

Splunk Advisory - Splunk published an advisory that discusses two vulnerabilities in their SOAR product.

Zyxel Advisory - Zyxel published an advisory that describes seven vulnerabilities in their firewall and WLAN controllers.

Updates

AMI Update - AMI published an update for their MegaRAC SPX advisory that was originally published on July 5th, 2023.

HPE Update - HPE published an update for their ArubaOS-CX 8000 Series Switches advisory that was originally published on February 2nd, 2022.

Researcher Reports

Tesla Reports - The Zero Day Initiative published three reports about individual vulnerabilities in the Tesla Model 3 that were discovered as part of a Pwn2Own competition.

Exploits

ABB Exploit - Paul Smith published an exploit for an exposure of sensitive information to an unauthorized actor vulnerability in the ABB FlowX product.

Hikvision Exploit - Thurein Soe published an exploit for a command injection vulnerability in the Hikvision Hybrid SAN Ds-a71024 product.

Commentary

I would like to commend Sierra Wireless on their advisory about the potential consequences of their recent Cl0p ransomware attack. Ransomware attacks are a big problem, but frequently overlooked in attacks on vendors is that information may have been discovered by the attacker that could be used to exploit product vulnerabilities in their customers. Reports like this one provide customers a heads up about potential attacks on their equipment.

 

For more details about these disclosures, including links to researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-c81 - subscription required.
