For Part 2 we have three vendor disclosures from Schneider (2) and Siemens. There are eleven updates from Siemens. Finally, we have five exploits for OpenPLC, Splunk, and Tinycontrol (3).
Advisories
Schneider Advisory #1 - Schneider published an advisory that describes two vulnerabilities in their SpaceLogic C-Bus Toolkit products.
Schneider Advisory #2 - Schneider published an advisory that describes a deserialization of untrusted data vulnerability in their EcoStruxure Power Monitoring Expert product.
Siemens Advisory - Siemens published an advisory that describes a cross-site scripting vulnerability in their SINEMA Server.
Updates
Siemens Update #1 - Siemens published an update for their OpenSSL in Industrial Products advisory that was originally published on June 14th, 2022, and was most recently updated on September 12th, 2023.
Siemens Update #2 - Siemens published an update for their OPC UA Implementations advisory that was originally published on September 12th, 2023.
Siemens Update #3 - Siemens published an update for their SCALANCE Products advisory that was originally published on August 9th, 2022, and most recently updated on April 11th, 2023.
Siemens Update #4 - Siemens published an update for their SCALANCE W1750D advisory that was originally published on May 9th, 2023.
Siemens Update #5 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on November 27th, 2018, and most recently updated on September 12th, 2023.
Siemens Update #6 - Siemens published an update for their SCALANCE Products advisory that was originally published on December 13th, 2022, and most recently updated on April 11th, 2023.
Siemens Update #7 - Siemens published an update for their SIMATIC WinCC Kiosk Mode advisory that was originally published on May 10th, 2022, and most recently updated on July 11th, 2023.
Siemens Update #8 - Siemens published an update for their OPC-UA in Industrial Products advisory that was originally published on May 10th, 2022, and most recently updated on October 11th, 2022.
Siemens Update #9 - Siemens published an update for their SINEC NMS and SINEMA Server advisory that was originally published on March 8th, 2022, and most recently updated on March 14th, 2023.
Siemens Update #10 - Siemens published an update for their WIBU Systems CodeMeter advisory that was originally published on September 12th, 2023.
Siemens Update #11 - Siemens published an update for their OpenSSL in SCALANCE W1750D Devices advisory that was originally published on March 14th, 2023.
Exploits
OpenPLC Exploit - Kai Feng published an exploit for a remote code execution vulnerability in products from OpenPLC.
Splunk Exploit - Redway Security published an exploit for an admin account takeover vulnerability in products from Splunk.
Tinycontrol Exploit #1 - LIQUIDWORM published an exploit for a denial of service vulnerability in the Tinycontrol LAN controller.
Tinycontrol Exploit #2 - LIQUIDWORM published an exploit for a remote credentials extraction vulnerability in the Tinycontrol LAN controller.
Tinycontrol Exploit #3 - LIQUIDWORM published an exploit for a remote admin password change vulnerability in the Tinycontrol LAN controller.
For more information on these disclosures, including a brief summary of changes made in updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-f57 - subscription required.