This week we have 13 vendor disclosures from ADS-TEC Industrial IT, B&R, Elecom (2), Hitachi, HP, HPE, Palo Alto Networks, Sierra Wireless, VMware (2), WAGO, and Zyxel. There are two vendor updates from Cisco and Elecom. There are also 14 researcher reports for products from Imaging Data Commons, Inductive Automation, Sante, SourceForge (8), and Weston (3). Finally, we have three exploits for products from Mayurik (2) and QNAP.
Advisories
ADS-TEC Advisory - CERT-VDE published an advisory that discusses an exposure of resource to wrong sphere vulnerability in multiple ADS-TEC DVG-IRF industrial routers.
B&R Advisory - B&R published an advisory that describes an insufficient communication encryption vulnerability in their Automation Studio and Technology Guarding products.
Elecom Advisory #1 - JPCERT published an advisory that describes two vulnerabilities in the Elecom wireless LAN routers.
Elecom Advisory #2 - JPCERT published an advisory that describes an OS command injection vulnerability in the Elecom wireless LAN routers.
Hitachi Advisory - Hitachi published an advisory that describes an EL injection vulnerability in their Global Link Manager.
HP Advisory - HP published an advisory that discusses a Service Location Protocol vulnerability (listed in CISA's Known Exploited Vulnerabilities (KEV) Catalog) in their Tera2 Zero Client and Remote Workstation Card.
HPE Advisory - HPE published an advisory that discusses a generation of error message containing sensitive information vulnerability in their IceWall products.
Palo Alto Networks Advisory - Palo Alto Networks published an advisory that discusses the Leaky Vessels vulnerabilities.
Sierra Wireless Advisory - Sierra Wireless published an advisory that discusses three vulnerabilities in their EM919x and EM929x cellular modules.
VMware Advisory #1 - VMware published an advisory that describes a privilege escalation vulnerability in their Aria Operations product.
VMware Advisory #2 - VMware published an advisory that describes two vulnerabilities in their deprecated VMware Enhanced Authentication Plug-in.
WAGO Advisory - CERT-VDE published an advisory that discusses the Terrapin attack vulnerability.
Zyxel Advisory - Zyxel published an advisory that describes four vulnerabilities in their firewall and AP products.
Updates
Cisco Update - Cisco published an update for their cURL and libcurl vulnerability advisory that was originally published on October 11th, 2023 and most recently updated on November 8th, 2023.
Elecom Update - JPCERT published an update for their ELECOM and LOGITEC network devices advisory that was originally published on October 5th, 2020 and most recently updated on January 23rd, 2024.
Researcher Reports
Imaging Data Commons Report - Cisco Talos published a report describing two use-after-free vulnerabilities in the Imaging Data Commons libdicom.
Inductive Automation Report - The Zero Day Initiative published two reports for individual vulnerabilities in the Inductive Automation Ignition product.
Sante Report - ZDI published a report describing an improper input validation vulnerability in the Sante PACS Server.
SourceForge Reports - Cisco Talos published eight reports describing individual vulnerabilities in the SourceForge Biosig Project.
Weston Reports - Cisco Talos published three reports describing four vulnerabilities in the Weston Embedded product.
Exploits
Mayurik Exploit #1 - Nu11secur1ty published an exploit for an SQL injection vulnerability in the Mayurik Best Petrol Pump Management Software.
Mayurik Exploit #2 - SoSPiro published an exploit for a remote shell upload vulnerability in the Mayurik Best Petrol Pump Management Software.
QNAP Exploit - Spencer McIntyre published a Metasploit module for an OS command injection vulnerability in the QNAP QTS and QuTS hero products.
For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-1cf - subscription required.