Review – Public ICS Disclosures – Week of 2-9-24 – Part 2

For Part 2 we have four additional vendor disclosures from Schneider, Softing, WAGO, and Western Digital. We also have 17 vendor updates from Dell, HP (5), and Siemens (11). There is a researcher report about vulnerabilities in products from FortiGuard. Finally, we have five exploits for products from FortiGuard, Hitachi, Honeywell, Solar View, and VMware.

Advisories

Schneider Advisory - Schneider published an advisory that describes three vulnerabilities in their Easergy T200 RTU product line.

Softing Advisory - Softing published an advisory that describes a missing release of memory after effective lifetime vulnerability in their UA Toolkit and smartLink products.

WAGO Advisory - CERT-VDE published an advisory that describes two vulnerabilities in the WAGO 750-8xx series PLCs.

Western Digital - Western Digital published an advisory that describes an uncontrolled search path element vulnerability in their SanDisk PrivateAccess Desktop App.

Updates

Dell Updates - Dell published an update for their Wyse Password Encoder advisory that was originally published on February 1^st, 2019.

HP Update #1 - HP published an update for their Intel 2023.4 IPU advisory that was originally published on December 11^th, 2023.

HP Update #2 - HP published an update for their AMI UEFI Firmware advisory that was originally published on January 26^th, 2024.

HP Update #3 - HP published an update for their Intel Graphics Drivers advisory that was originally published on November 15^th, 2023.

HP Update #4 - HP published an update for their AMD SMM Supervisor advisory that was originally published on December 7^th, 2023.

HP Update #5 - HP published an update for their AMD Client UEFI Firmware advisory that was originally published on January 8^th, 2024.

Siemens Update #1 - Siemens published an update for their n SIMATIC STEP 7 advisory that was originally published on June 13^th, 2023.

Siemens Update #2 - Siemens published an update for their SINEC NMS advisory that was originally published on February 13^th, 2023.

Siemens Update #3 - Siemens published an update for their Polarion ALM advisory that was originally published on February 13^th, 2024.

Siemens Update #4 - Siemens published an update for their e OPC UA Implementation advisory that was originally published on September 12^th, 2023 and most recently updated on February 13^th, 2024.

Siemens Update #5 - Siemens published an update for their Web Server of Industrial Products Advisory that was originally published on December 12, 2023.

Siemens Update #6 - Siemens published an update for their SIMATIC S7-1500 CPUs advisory that was originally published on December 12^th, 2023.

Siemens Update #7 - Siemens published an update for their SIPROTEC 5 Devices advisory that was originally published on December 13^th, 2022 and most recently updated on September 12^th, 2023.

Siemens Update #8 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on December 12^th, 2023 and most recently updated on February 13^th, 2024.

Siemens Update #9 - Siemens published an update for their SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family that was originally published on November 14^th, 2023 and most recently updated on December 12^th, 2023.

Siemens Update #10 - Siemens published an update for their SIPROTEC 5 Devices advisory that was originally published on April 11^th, 2023 and most recently updated on September 12, 2023.

Siemens Update #11 - Siemens published an update for their Simcenter Femap advisory that was originally published on February 13^th, 2024.

Researcher Reports

FortiGuard Report - Horizon3 published a report describing six vulnerabilities in the Fortinet FortiWLM product.

Exploits

FortiGuard Exploit - H4x0r-dz published an exploit for an out-of-bounds write vulnerability that is on the CISA Known Exploited Vulnerabilities Catalog.

Hitachi Exploit - Arslan Masood published an exploit for an improper authentication vulnerability in the Hitachi NAS.

Honeywell Exploit - BYTEHUNTER published an exploit for a command injection vulnerability in the Honeywell PM43 industrial printers.

Solar View Exploit - BYTEHUNTER published an exploit for a command injection vulnerability in the Solar View compact product.

VMware Exploit - Abdualhadi Khalifa published an exploit for a missing authentication for critical function vulnerability in the VMware Cloud Director.

 

For more information on these disclosures, including a brief description of changes in updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-5d3 - subscription required.