This week we have 24 vendor disclosures from ABB, AUMA (2), Belden, Broadcom (3), Fujitsu, HP (6), HPE (2), Phoenix Contact (3), Rockwell, Sierra Wireless, Texas Instruments (2), Western Digital, and Zyxel.
Advisories
ABB Advisory - ABB published an
advisory that describes two vulnerabilities in their Freelance AC 900F and
AC 700F products.
AUMA Advisory #1 - CERT-VDE published an advisory that discusses
a cross-site scripting vulnerability in their Master Station product.
AUMA Advisory #2 - CERT-VDE published an advisory that
discusses an out-of-bounds write vulnerability in their Master Station product.
Belden Advisory - Belden published an
advisory that discusses an out-of-bounds write vulnerability in their Hirschmann
Owl product.
Broadcom Advisory #1 - Broadcom published an
advisory that discusses a cleartext transmission of sensitive information
vulnerability in their Brocade Fabric OS.
Broadcom Advisory #2 - Broadcom published an
advisory that discusses a use after free vulnerability in their Brocade
Fabric OS.
Broadcom Advisory #3 - Broadcom published an
advisory that discusses an uncontrolled recursion vulnerability in their Brocade
Fabric OS.
Fujitsu Advisory - Fujitsu published an
advisory that discusses eleven vulnerabilities in multiple products.
HP Advisory #1 - HP published an
advisory that discusses three vulnerabilities in multiple products.
HP Advisory #2 - HP published an
advisory that discusses five vulnerabilities in multiple products.
HP Advisory #3 - HP published an
advisory that discusses an insufficient input validation vulnerability in
multiple HP products.
HP Advisory #4 - HP published an
advisory that discusses a privilege escalation vulnerability in multiple HP
products.
HP Advisory #5 - HP published an
advisory that discusses a privilege escalation vulnerability in multiple HP
products.
HP Advisory #6 - HP published an advisory that discusses
six vulnerabilities in multiple HP products.
HPE Advisory #1 - HPE published an
advisory that discusses the Inception
vulnerability in their ProLiant AMD Servers.
HPE Advisory #2 - HPE published an
advisory that discusses the Inception
vulnerability in their ProLiant AMD Servers.
Phoenix Contact Advisory #1 - Phoenix Contact published
an
advisory that discusses eleven vulnerabilities in their PLCnext Engineer.
Phoenix Contact Advisory #2 - Phoenix Contact published
an
advisory that describes two vulnerabilities in their TC ROUTER and TC CLOUD
CLIENT products.
Phoenix Contact Advisory #3 - Phoenix Contact published
an
advisory that describes 14 vulnerabilities in their WP 6xxx Web panels.
Rockwell Advisory - Rockwell published an
advisory that described an incorrect calculation vulnerability in their Armor
PowerFlex product.
Sierra Wireless Advisory - Sierra Wireless published an
advisory that talks about recent cyberattacks on their AirLink Connection
Manager products.
Texas Instruments Advisory #1 - Texas Instruments
published an advisory
that describes a PN reuse vulnerability in their WL18xx products.
Texas Instruments Advisory #2 - Texas Instruments
published an advisory
that describes an integer overflow vulnerability in their SimpleLink™ CC32XX
SDK.
Western Digital Advisory - Western Digital published an
advisory that describes 17 vulnerabilities in their My Cloud Home, My Cloud
Home Duo and SanDisk ibi products.
Zyxel Advisory - Zyxel published an
advisory that talks about a command injection
vulnerability in their P660HN-T1A DSL CPE product (this product is
end-of-life) which was originally corrected in 2017.
For more of the details about these advisories, including
links to 3rd party advisories, researcher reports and exploits, see
my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8-258
- subscription required.
Posts
No comments:
Post a Comment