A busy Cyber Tuesday week. For Part 1 we have 26 vendor disclosures from Aruba Networks, Blackberry, FortiGuard (3), Hitachi Energy, HPE (10), ICSSolution, Luxion, Philips, SEL (2), and Splunk (6).
Advisories
Aruba Advisory - Aruba published an
advisory that describes 14 vulnerabilities in their Access Points products.
Blackberry Advisory - Blackberry published an
advisory that describes an improper input validation vulnerability in their
QNX Networking Stack.
FortiGuard Advisory #1 - FortiGuard published an advisory that discusses
two vulnerabilities in their FortiOS product.
FortiGuard Advisory #2 - FortiGuard published an advisory that describes
an improper integrity check value vulnerability in their FortiOS and FortiProxy
VM products.
FortiGuard Advisory #3 - FortiGuard published an advisory that describes
a NULL pointer dereference vulnerability in their FortiOS and FortiProxy
products.
Hitachi Energy Advisory - Hitachi Energy published an
advisory that discusses a deserialization of untrusted data vulnerability
that is listed in CISA’s Known Exploited Vulnerabilities (KEV) Catalog.
HPE Advisory #1 - HPE published an
advisory that discusses a sequence of processor instructions that lead to
unexpected behavior vulnerability in their Apollo and XL servers.
HPE Advisory #2 - HPE published an
advisory that discusses a sequence of processor instructions that lead to
unexpected behavior vulnerability in their ProLiant DX Servers.
HPE Advisory #3 - HPE published an
advisory that discusses ten vulnerabilities in their ProLiant DL/XL servers
and Cray Supercomputer.
HPE Advisory #4 - HPE published an
advisory that discusses a sequence of processor instructions that lead to
unexpected behavior vulnerability in their StoreEasy Server.
HPE Advisory #5 - HPE published an
advisory that discusses a sequence of processor instructions that lead to
unexpected behavior vulnerability in their ProLiant DL/ML and Microservers.
HPE Advisory #6 - HPE published an
advisory that discusses ten vulnerabilities in their ProLiant DL/DX/XL
Server. These are third-party (AMD) vulnerabilities.
HPE Advisory #7 - HPE published an
advisory that discusses a sequence of processor instructions that lead to
unexpected behavior vulnerability in their Synergy Servers.
HPE Advisory #8 - HPE published an
advisory that discusses an improper access control vulnerability in their SimpliVity
Servers.
HPE Advisory #9 - HPE published an
advisory that discusses the Downfall
Attacks vulnerability in their SimpliVity Servers.
HPE Advisory #10 - HPE published an
advisory that discusses an unauthorized error injection vulnerability in
their SimpliVity Servers.
ICSSolution Advisory - INCIBE-CERT published an
advisory that describes two vulnerabilities in the ICSSolution ICS Business
Manager product.
Luxion Advisory - Luxion published an
advisory that describes an improper input validation vulnerability in their
KeyShot product.
Philips Advisory - Philips published an advisory
that discusses the Citrix
Bleed vulnerability that is listed in the CISA KEV catalog.
SEL Advisories - SEL published two
advisories for unlisted cybersecurity concerns.
Splunk Advisory #1 - Splunk published an advisory
that discusses an insufficient verification of data authenticity vulnerability
in their Add-on for Amazon Web Services.
Splunk Advisory #2 - Splunk published an advisory
that discusses multiple unnamed third-party vulnerabilities in their Add-on for
Google Cloud Platform.
Splunk Advisory #3 - Splunk published an advisory
that describes a cross-site scripting vulnerability in the Search Page in
Splunk Enterprise.
Splunk Advisory #4 - Splunk published an advisory
that describes five vulnerabilities in their Enterprise product.
Splunk Advisory #5 - Splunk published an advisory
that discusses four vulnerabilities in their Enterprise Cloud product.
Splunk Advisory #6 - Splunk published an advisory
that discusses four vulnerabilities in their Universal Forwarder product.
For more details about these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-713 - subscription required.