This week we have 15 vendor disclosures from Belden, Hitachi (5), Hitachi Energy, HPE, Panasonic, Pilz, Rockwell (2), SEL, Synology, and VMware. There are three vendor updates from Broadcom.
Advisories
Belden Advisory - Belden published an advisory that discusses 14 vulnerabilities in a number of their Hirschmann products.
Hitachi Advisory #1 - Hitachi published an advisory that discusses an observable discrepancy vulnerability in their Command Suite and Configuration Manager products.
Hitachi Advisory #2 - Hitachi published an advisory that discusses an integer overflow or wraparound vulnerability in their Cosminexus HTTP Server.
Hitachi Advisory #3 - Hitachi published an advisory that discusses an integer overflow or wraparound vulnerability in their Cosminexus HTTP Server.
Hitachi Advisory #4 - Hitachi published an advisory that discusses an integer overflow or wraparound vulnerability in their Cosminexus HTTP Server.
Hitachi Advisory #5 - Hitachi published an advisory that discusses an allocation of resources without limit or throttling vulnerability in their Cosminexus HTTP Server.
Hitachi Energy Advisory - Hitachi Energy published an advisory that discusses 14 vulnerabilities in their AFS65x, AFS67x, AFR67x and AFF66x series Products.
HPE Advisory - HPE published an advisory that describes two authentication bypass vulnerabilities in their OneView product.
Panasonic Advisory - JP-CERT published an advisory that describes two vulnerabilities in the Panasonic KW Watcher product.
Pilz Advisory - Pilz published an advisory that discusses five vulnerabilities in multiple Pilz products.
Rockwell Advisory #1 - Rockwell published an advisory that discusses five vulnerabilities (listed in CISA’s KEV) in their Connected Components Workbench.
Rockwell Advisory #2 - Rockwell published an advisory that describes an out-of-bounds write vulnerability in their Logix Communication Modules.
SEL Advisory - SEL published a software update for their Configuration API which addressed three cybersecurity vulnerabilities and included two cybersecurity enhancements.
Synology Advisory - Synology published an advisory that describes a security bypass vulnerability in their Synology Router Manager (SRM).
VMware Advisory - VMware published an advisory that describes a privilege escalation vulnerability in their Aria Operations product.
Wago Advisory - CERT-VDE published an advisory that describes two vulnerabilities in their Codemeter product.
Updates
Broadcom Update #1 - Broadcom published an update for their Apache HTTP Server advisory that was originally published on August 1st, 2023.
Broadcom Update #2 - Broadcom published an update for their Apache HTTP Server advisory that was originally published on August 1st, 2023.
Broadcom Update #3 - Broadcom published an update for their sctp_make_strreset_req function advisory that was originally published on August 1st, 2023.
For more details on these disclosures, including links to researcher reports, 3rd party advisories, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-e63 - subscription required. [added link to CFSN article, 23:15 EDT, 9-30-23]