Review – Public ICS Disclosures – Week of 9-16-23

This week we have 15 vendor disclosures from Fauscher, GE Gas Power, HPE (4), Ingeteam, Mitsubishi, Phoenix Contact, QNAP (3), Schweitzer Engineering Labs (2), and Zyxel. There are five vendor updates for products from Broadcom (2) and Palo Alto Networks (3). There are also two researcher reports for products from Atos and Royal Aps. Finally, we have an exploit for products from Ivanti.

Advisories

Frauscher Advisory – CERT-VDE published an advisory that describes three vulnerabilities in their FDS101 for FAdC/FAdCi product.

GE Advisory - GE published an advisory that discusses seven vulnerabilities in the Nozomi Guardian/CMC.

HPE Advisory #1 - HPE published an advisory that discusses two vulnerabilities in their NonStop Products.

HPE Advisory #2 - HPE published an advisory that describes four incomplete cleanup vulnerabilities in their NonStop Products.

HPE Advisory #3 - HPE published an advisory that discusses two improper initialization vulnerabilities in their ProLiant AMD XL Servers.

HPE Advisory #4 - HPE published an advisory that discusses two improper initialization vulnerabilities in their ProLiant AMD DL Servers.

Ingeteam Advisory - Incibe-CERT published an advisory that describes three input validation vulnerabilities in the Ingeteam INGEPAC DA3451 and INGEPAC FC5066.

Mitsubishi Advisory - Mitsubishi published an advisory that describes an incorrect default permissions vulnerability in their FA Engineering Software products.

QNAP Advisory #1 - QNAP published an advisory that describes a classic buffer overflow vulnerability in their Multimedia Console products.

QNAP Advisory #2 - QNAP published an advisory that describes a classic buffer overflow vulnerability in their legacy versions of QTS products.

QNAP Advisory #3 - QNAP published an advisory that discusses three vulnerabilities in their QTS, QuTS hero, and QuTScloud.

SEL Advisory #1 - SEL published an advisory that reports vulnerabilities in their Protocol Services.

SEL Advisory #2 - SEL published an advisory that reports vulnerabilities in their Blueframe OS.

Zyxel Advisory - Zyxel published an advisory that discusses the report of a 2017 vulnerability in their EMG2926-Q10A product being listed on  CISA Known Exploited Vulnerabilities (KEV) catalog.

Updates

Broadcom Update #1 - Broadcom published an update for their Apache HTTP Server advisory that was originally published on August 1^st, 2023.

Broadcom Update #2 - Broadcom published an update for their HTTP Server advisory that was originally published on August 1^st, 2023.

Palo Alto Networks Update #1 - Palo Alto Networks published an update for their TunnelCrack vulnerabilities advisory that was originally published on August 16^th, 2023 and most recently updated on August 21^st.

Palo Alto Networks Update #2 - Palo Alto Networks published an update for their Cortex XDR Agent advisory that was published on September 9^th.

Palo Alto Networks Update #3 - Palo Alto Networks published an update for their BGP Software advisory that was published on September 13^th, 2023.

Reports

Atos Report - SEC Consult published a report describing two vulnerabilities in the Atos Unify OpenScape. The report includes proof-of-concept code.

Royal Aps Report - Zero Science published a report that describes a heap memory corruption vulnerability in the Royal Apps RoyalTSX remote access tool.

Exploit

Ivanti Exploit - Ege Balci published a Metasploit module for an out-of-bounds write vulnerability in the Ivanti Avalanche MDM.

 

For more details about these disclosures, including links to 3^rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-53a - subscription required.