This week we have 13 vendor disclosures from Aruba Networks, CBC, Hitachi, Moxa, Ormazabal, QNAP (3), Sick, and Wireshark (4).
Advisories
Aruba Advisory - Aruba published an advisory that
describes 20 vulnerabilities in their EdgeConnect SD-WAN Orchestrator.
CBC Advisory - JP-CERT published an advisory that describes
three vulnerabilities in the CBC digital video recorders.
Hitachi Advisory - Hitachi published an advisory that
describes four vulnerabilities in their EH-VIEW product.
Moxa Advisory - Moxa published an
advisory that describes four vulnerabilities in their ioLogik 4000 Series products.
Ormazabal Advisory - Incibe-CERT published an
advisory that describes 10 vulnerabilities in the Ormazabal ekorCCP and
ekorRCI industrial devices.
QNAP Advisory #1 - QNAP published an advisory
that describes an inadequate encryption strength vulnerability in their QTS and
QuTS hero products.
QNAP Advisory #2 - QNAP published an advisory
that describes an insufficient entropy vulnerability in their QTS and QuTS hero
products.
QNAP Advisory #3 - QNAP published an advisory
that describes a cleartext transmission of sensitive information vulnerability
in their QTS and QuTS hero products.
Sick Advisory - Sick published an
advisory that describes four vulnerabilities in their LMS5xx products.
Wireshark Advisory #1 - Wireshark published an advisory
that describes a dissector crash vulnerability in their CP2179.
Wireshark Advisory #2 - Wireshark published an advisory
that describes a dissector memory leak vulnerability in their BT SDP.
Wireshark Advisory #3 - Wireshark published an advisory
that describes an infinite loop vulnerability in their BT SDP.
Wireshark Advisory #4 - Wireshark published an advisory
describes a dissector crash vulnerability in their CBOR.
For more details about these disclosures, including links to
researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8-922
- subscription required.
Posts
No comments:
Post a Comment