Saturday, October 21, 2023

Review – Public ICS Disclosures – Week of 10-14-23 – Part 2

For Part 2 we have 43 more vendor disclosures from Moxa, NI, Philips, QNAP, Rockwell Automation, Ruckus Wireless, Synology, Tanzu (31), VMware (2), WAGO, and Yokogawa. We have three vendor updates for products from Broadcom, HPE, and Moxa. Finally, we have two researcher reports for vulnerabilities in products from Synology and Tideworks.

Advisories

Moxa Advisory #1 - Moxa published an advisory that describes eight vulnerabilities in their TN-5900 and TN-4900 Series Web Server.

NI Advisory - NI published an advisory that describes a stack-based buffer overflow vulnerability in their NI System Configuration product.

Philips Advisory - Philips published an advisory that discusses the Cisco IOS XE Software Web UI privilege escalation vulnerability that was recently added to CISA’s Known Exploited Vulnerabilities Catalog.

QNAP Advisory - QNAP published an advisory that describes an OS command injection vulnerability in their QUSBCam2.

Rockwell Advisory - Rockwell published an advisory that discusses the Cisco IOS XE Software Web UI privilege escalation vulnerability.

Ruckus Advisory - Ruckus published an advisory that describes a cross-site scripting vulnerability in their Cloudpath product.

Synology Advisory - Synology published an advisory that discusses the HTTP2-Rapid-Reset vulnerability.

Tanzu Advisories - Tanzu published 31 advisories that discuss various third-party vulnerabilities.

VMware Advisory #1 - VMware published an advisory that describes two vulnerabilities in their Aria Operations for Logs product.

VMware Advisory #2 - VMware published an advisory that describes three vulnerabilities in their Workstation Pro/Player.

WAGO Advisory - CERT-VDE published an advisory that describes an externally controlled reference to a resource in another sphere vulnerability.

Updates

Broadcom Update - Broadcom published an update for their Product Security Incident Response Team Contact Information advisory that was originally published on February 7th, 2023.

HPE Update - HPE published an update for their OneView advisory that was originally published on September 14th, 2023.

Moxa Update - Moxa published an update for their TN-5900 and TN-5400 advisory that was originally published August 16th, 2023, and most recently updated on September 4th, 2023.

Reports

Synology Report - Claroty published a report that describes a use of insufficiently random values vulnerability in the Synology DiskStation Manager (DSM).

Tideworks Report - Black Lantern Security published a report that describes two vulnerabilities in the Tideworks Forecast product.


For more information about these disclosures, including links to 3rd-party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-22c - subscription required.
