Saturday, October 14, 2023

Review – Public ICS Disclosures – Week of 10-7-23 – Part 1

This week we have 19 vendor disclosures from Cisco, FortiGuard (5), Insyde, Palo Alto Networks (3), Pilz, QNAP (4), Rockwell Automation, Sick, Synology, and Zebra Technologies. There is a vendor update from Cisco. Finally, for Part 1 anyway, we have 22 researcher reports for products from Peplink (4), SoftEther (9), and Yifan (9).

For Part 2 we will have disclosures and updates from Schneider and Siemens and five control system exploits.

Advisories

Cisco Advisory - Cisco published an advisory that discusses the recently announced SOCKS5 handshake vulnerability.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes an access control vulnerability in their FortiOS products.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes an information disclosure vulnerability in their FortiOS products.

FortiGuard Advisory #3 - FortiGuard published an advisory that describes an improper authorization vulnerability in their FortiOS products.

FortiGuard Advisory #4 - FortiGuard published an advisory that describes a cross-site scripting vulnerability in their FortiOS products.

FortiGuard Advisory #5 - FortiGuard published an advisory that describes a use-after-free vulnerability in their FortiOS and FortiProxy products.

Insyde Advisory - Insyde published an advisory that describes an incorrect information reporting vulnerability in their TrEEConfigDriver.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that discusses the Rapid Reset vulnerability.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a clear-text storage of sensitive information vulnerability in their Cortex XSOAR product.

Palo Alto Networks Advisory #3 - Palo Alto Networks published an advisory that discusses the announced SOCKS5 handshake vulnerability.

Pilz Advisory - CERT VDE published an advisory that discusses two vulnerabilities in multiple Pilz products.

QNAP Advisory #1 - QNAP published an advisory that describes three vulnerabilities in their Video Station product.

QNAP Advisory #2 - QNAP published an advisory that describes two vulnerabilities in their QTS, QuTS hero, and QuTScloud products.

QNAP Advisory #3 - QNAP published an advisory that describes a path traversal vulnerability in their QTS, QuTS hero, and QuTScloud products.

QNAP Advisory #4 - QNAP published an advisory that describes an OS command injection vulnerability in their Container Station product.

Rockwell Advisory - Rockwell published an advisory that describes an improper input validation vulnerability in their FactoryTalk Linx product.

Sick Advisory - Sick published an advisory that describes nine vulnerabilities in their Application Processing Unit.

Synology Advisory - Synology published an advisory that discusses the Rapid Reset vulnerability.

Zebra Advisory - INCIBE CERT published an advisory that describes an authentication bypass using an alternate path or channel vulnerability in the Zebra ZTC ZT410-203dpi ZPL printers.

Updates

Cisco Update - Cisco published an update for their Adaptive Security Appliance Software advisory that was originally published on September 6th, 2023, and most recently updated on September 29th, 2023.

Researcher Reports

Peplink Reports - Cisco Talos published four reports about vulnerabilities in the Peplink Surf SOHO HW1 routers.

SoftEther Reports - Cisco Talos published nine reports on vulnerabilities in the VPN product from SoftEther.

Yifan Reports - Cisco Talos published nine reports about vulnerabilities in the Yifan YF325 industrial cellular router.

 

For more details about these disclosures, including links to 3rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-a73 - subscription required.
