For Part 2 we have ten additional vendor disclosures from Schneider, SE-elektronic, Sharp, Sick, Splunk (3), Synology, Trumpf, and Zyxel. We also have five researcher reports for vulnerabilities in products from TELSAT (4) and NAVBLUE. Finally, we have six exploits for products from Electrolink.
Advisory
Schneider Advisory - Schneider published an
advisory that discusses the recent cyberattack on their Sustainability
Business Division.
SE-elektronic Advisory - Incibe-CERT published an
advisory that describes two vulnerabilities in the SE-elektronic E-DDC3.3
automation station.
Sharp Advisory - JP-CERT published an advisory that
describes seven vulnerabilities in the Sharp Energy Management Controller with
Cloud Services product.
Sick Advisory - Sick published an
advisory that discusses a deserialization of untrusted data vulnerability
that is listed in CISA's Known Exploited Vulnerability (KEV) catalog.
Splunk Advisory #1 - Splunk published an advisory
that describes an insertion of sensitive information in log files
vulnerability in their Splunk Add-on Builder product.
Splunk Advisory #2 - Splunk published an advisory
that describes an insertion of sensitive information in log files
vulnerability in the Splunk Add-on Builder product.
Splunk Advisory #3 - Splunk published an advisory
that discusses two vulnerabilities in the Splunk Add-on Builder.
Synology Advisory - Synology published an
advisory that describes an open redirect vulnerability in their DiskStation
Manager (DSM) product.
Trumpf Advisory - CERT-VDE published an advisory that
discusses four classic buffer overflow vulnerabilities in the Trumpf Oseon and TruTops
Fab products.
Zyxel Advisory - Zyxel published an
advisory that describes an OS command injection vulnerability in their NAS
products.
Researcher Reports
TELSAT Reports - Zero Science published four reports about individual
vulnerabilities in the TELSAT marKoni FM Transmitter.
NAVBLUE Report - Pentest Partners published a report describing the lack of an active application transport security (ATS) control in the NAVBLUE Flysmart+ Manager electronic flight bag.
Exploits
Electrolink Exploit #1 - Liquid Worm published an exploit for a credential
exposure vulnerability in the Electrolink FM/DAB/TV Transmitter.
Electrolink Exploit #2 - Liquid Worm published an exploit for a credential
exposure vulnerability in the Electrolink FM/DAB/TV Transmitter.
Electrolink Exploit #3 - Liquid Worm published an exploit for an
authentication bypass vulnerability in the Electrolink FM/DAB/TV Transmitter.
Electrolink Exploit #4 - Liquid Worm published an exploit for a remote authentication
vulnerability in the Electrolink FM/DAB/TV Transmitter.
Electrolink Exploit #5 - Liquid Worm published an exploit for a remote
denial-of-service vulnerability in the Electrolink FM/DAB/TV Transmitter.
Electrolink Exploit #6 - Liquid Worm published an exploit for an MPFS image
remote code execution vulnerability in the Electrolink FM/DAB/TV Transmitter.
For more details about these disclosures, including links to
third-party advisories and exploits, see my article at CFSN Detailed Analysis (subscription required): https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-560