This week we have 37 vendor disclosures from CODESYS, Dell (2), HP, HPE, Insyde, Pilz (3), QNAP (3), SEL (2), Siemens, Tanzu (20), and Wago (2). There are three vendor updates from Atos, CODESYS, and Dell. We have two researcher reports for vulnerabilities in products from Atos and R Radio Network. Finally, we have two exploits for products from FortiGuard and Orpak.
Advisories
CODESYS Advisory - CODESYS published an advisory that describes an OS command injection vulnerability in their Control runtimes running on Linux or QNX operating systems.
Dell Advisory #1 - Dell published an advisory that discusses an out-of-bounds write vulnerability in ThinOS.
Dell Advisory #2 - Dell published an advisory that discusses 28 vulnerabilities in their Dell Wyse Management Suite.
HP Advisory - HP published an advisory that discusses an improper input validation vulnerability in multiple notebook and desktop computers.
HPE Advisory - HPE published an advisory that describes an information disclosure vulnerability in their HP-UX System Management Homepage.
Insyde Advisory - Insyde published an advisory that discusses an improper input validation vulnerability in multiple kernels.
Pilz Advisory #1 - CERT-VDE published an advisory that discusses two vulnerabilities in the Pilz PASvisu and PMI products.
Pilz Advisory #2 - CERT-VDE published an advisory that discusses an out-of-bounds write vulnerability in the Pilz PASvisu, PIT Transponder Manager, and PMI products.
Pilz Advisory #3 - Pilz published an advisory that discusses vulnerabilities in multiple products.
QNAP Advisory #1 - QNAP published an advisory that describes a cross-site scripting vulnerability in their QTS and QuTS hero products.
QNAP Advisory #2 - QNAP published an advisory that describes an OS command injection vulnerability in their legacy VioStor NVR product.
QNAP Advisory #3 - QNAP published an advisory that describes two classic buffer overflow vulnerabilities in their QTS and QuTS hero products.
QNAP Advisory #4 - QNAP published an advisory that discusses five vulnerabilities in their QTS and QuTS hero products.
SEL Advisories - SEL announced new versions of two products that address cybersecurity issues.
Siemens Advisory - Siemens discussed a Black Hat Europe presentation describing the details of the legacy PG/PC and HMI communication protocol as used between TIA Portal / HMIs and SIMATIC S7-1500 SW Controller in versions before V17.
Tanzu Advisories - Tanzu published 20 advisories discussing third-party vulnerabilities in various Tanzu products.
Wago Advisory #1 - CERT-VDE published an advisory that describes an observable discrepancy vulnerability in the Wago Smart Designer product.
Wago Advisory #2 - CERT-VDE published an advisory that describes an improper input validation vulnerability in the Wago Telecontrol Configurator and WagoAppRTU products.
Updates
Atos Update - Atos published an update for their Unify OpenScape advisory that was originally published on October 4th, 2023 and most recently updated on September 10th, 2023.
CODESYS Update - CODESYS published an update for their WIBU CodeMeter Runtime advisory that was originally published on August 17th, 2023 and most recently updated on October 31st, 2023.
Dell Update - Dell published an update for their Rugged Control Center advisory that was originally published on November 30th, 2023.
Researcher Reports
Atos Report - SEC Consult published a report that describes an argument injection vulnerability in the Atos Unify OpenScape products.
R Radio Network Report - Zero Science published a report describing two vulnerabilities in the R Radio Network.
Exploits
FortiGuard Exploit - Cody Sixteen published an exploit for a post-authentication CLI crash vulnerability in the FortiWeb VM product.
Orpak Exploit - Parsa Rezaei Khiabanloo published an exploit for a default password vulnerability in the Orpak fueling systems.
For more details about these disclosures, including links to researcher reports, third-party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-12-66a - subscription required.