Saturday, September 16, 2023

Review – Public ICS Disclosures – Week of 9-9-23 – Part 1

For the week of Cyber Tuesday, the number of disclosures is very reasonable. Still, I am doing a two-part post. For Part 1 we have 16 vendor disclosures for DrayTek, FortiGuard, HP, HPE (2), Insyde (2), JTEKT, Palo Alto Networks (2), QNAP (3), Rockwell Automation (2), and Trumpf. There is one vendor update from Broadcom.

For Part 2 I will be looking at advisories and updates from Schneider and Siemens as well as four exploits.

Advisories

DrayTek Advisory - DrayTek published an advisory that describes a format string vulnerability in their Vigor routers.

FortiGuard Advisory - FortiGuard published an advisory that describes a cross-site scripting vulnerability in their FortiProxy and FortiOS products.

HP Advisory - HP published an advisory that discusses two vulnerabilities in multiple products.

HPE Advisory #1 - HPE published an advisory that describes two authentication bypass vulnerabilities in their OneView infrastructure management software.

HPE Advisory #2 - HPE published an advisory that discusses the Downfall Attacks vulnerability.

Insyde Advisory #1 - Insyde published an advisory that discusses four vulnerabilities in their InsydeH2O product.

Insyde Advisory #2 - Insyde published an advisory that describes an arbitrary code execution vulnerability in their SystemFirmwareManagementRuntimeDxe.

JTEKT Advisory - JTEKT published an advisory that describes two vulnerabilities in their Kostac PLC Programming Software.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes an improper handling of exceptional conditions vulnerability in their Cortex XDR Agent.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that discusses an improper validation of integrity check value vulnerability in their PAN-OS and Prisma products.

QNAP Advisory #1 - QNAP published an advisory that describes an OS command injection vulnerability in their QTS, QuTS hero, and QuTScloud products.

QNAP Advisory #2 - QNAP published an advisory that describes two NULL pointer dereference vulnerabilities in their QTS, QuTS hero, and QuTScloud products.

QNAP Advisory #3 - QNAP published an advisory that describes two out-of-bounds write vulnerabilities in their QTS, QuTS hero, and QuTScloud products.

Rockwell Advisory #1 - Rockwell published an advisory that describes an improper input validation vulnerability in their FactoryTalk View Machine Edition product.

Rockwell Advisory #2 - Rockwell published an advisory that discusses four vulnerabilities in their KEPServerEX product.

Trumpf Advisory - CERT-VDE published an advisory that discusses two vulnerabilities in the TRUMPF License Expert.

Updates

Broadcom Update - Broadcom published an update for their use-after-free advisory that was originally published on August 1st, 2023.

 

For more details about these disclosures, including links to researcher reports, 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-900 - subscription required.
