This week we have 53 vendor disclosures from Aruba Networks, Bosch, Broadcom (24), Festo, i-Pro, GE Gas Power, Hitachi, Hitachi Energy, HPE, Moxa, SEL (5), Splunk (11), Texas Instruments (2), and VMware (2). There are also three vendor updates from Broadcom (2) and Mitsubishi. Finally, we have four researcher reports for products from Unified Automation and Tinycontrol (3).
Advisories
Aruba Advisory - Aruba published an advisory that describes three vulnerabilities in their ArubaOS switch products.
Bosch Advisory - Bosch published an advisory that describes a code injection vulnerability in their RTS VLink Virtual Matrix Software.
Broadcom Advisories - Broadcom published 24 advisories for vulnerabilities in various Brocade products.
Festo Advisory - CERT-VDE published an advisory that discusses a cross-site scripting vulnerability in the Festo LX Appliance.
i-Pro Advisory - JP-CERT published an advisory that describes four vulnerabilities in the i-Pro VI Web Client.
GE Advisory - GE published an advisory that describes a default administrator vulnerability in their Nexus OTArmor product.
Hitachi Advisory - Hitachi published an advisory that describes an insufficient logging vulnerability in their HiRDB servers.
Hitachi Energy Advisory - Hitachi published an advisory that discusses four vulnerabilities in their Lumada APM Edge product.
HPE Advisory - HPE published an advisory that discusses 48 vulnerabilities in their SANnav Management Software.
Moxa Advisory - Moxa published an advisory that describes five vulnerabilities in their MXsecurity Series products.
SEL Advisories - SEL published five advisories. These advisories are only available to registered owners.
Splunk Advisories - Splunk published 11 advisories for various products.
TI Advisory #1 - TI published an advisory that discusses a Bluetooth reconnection vulnerability in multiple TI products.
TI Advisory #2 - TI published an advisory that discusses a failure to connect Bluetooth devices vulnerability in multiple TI products.
VMware Advisory #1 - VMware published an advisory that describes two vulnerabilities in their Aria Operations for Networks product.
VMware Advisory #2 - VMware published an advisory that discusses a SAML token signature bypass vulnerability in their Tools product.
Updates
Broadcom Update #1 - Broadcom published an update for their ASN1_STRING structure advisory that was originally published on September 13th, 2022.
Broadcom Update #2 - Broadcom published an update for their Apache Commons Text advisory that was originally published on October 20th, 2022.
Mitsubishi Update - Mitsubishi published an update for their BACnet® secure connect function of GENESIS64 advisory that was originally published on March 7th, 2023.
Researcher Reports
Unified Automation Report - The Zero Day Initiative published a report describing an integer overflow vulnerability in the Unified Automation UaGateway.
Tinycontrol Reports - Zero Science Lab published three reports about individual vulnerabilities in the Tinycontrol LAN Controller.
For more details about these disclosures, including links to 3rd party reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8-c47 - subscription required.