Saturday, March 23, 2024

Review – Public ICS Disclosures – Week of 3-16-24

This week we have eight vendor disclosures from Belden, Bosch, Buffalo Tech, Honeywell, HP, Planet Technology, and Rockwell (2). There are five vendor updates from Eaton, HP (2), Palo Alto Networks, and QNAP. We have two researcher reports for vulnerabilities in products from FortiGuard and Unitronics. Finally, we have four exploits for products from APC and TELSAT (3).

Advisories

Belden Advisory - Belden published an advisory that discusses five vulnerabilities in multiple Hirschmann products.

Bosch Advisory - Bosch published an advisory that describes a command injection vulnerability in their Network Synchronizer.

Buffalo Advisory - JP-CERT published an advisory that describes an insufficient data validation vulnerability in the Buffalo LinkStation 200 series NAS.

Honeywell Advisory - Honeywell published an advisory that describes a cross-site scripting vulnerability in their MPA2 Web Application.

HP Advisory - HP published an advisory that describes a denial of service vulnerability in their OfficeJet Pro printers.

Planet Advisory - Incibe-CERT published an advisory that describes three vulnerabilities in the Planet IGS-4215-16T2S industrial Ethernet switch.

Rockwell Advisory #1 - Rockwell published an advisory that describes a vulnerability (improper security protection for the remote restart action) in their FactoryTalk® View ME on PanelView.

Rockwell Advisory #2 - Rockwell published an advisory that describes three vulnerabilities in their PowerFlex® 527 product.

Updates

Eaton Update - Eaton published an update for their User Management System advisory that was originally published on November 24th, 2023 and most recently updated on December 20th, 2023.

HP Update #1 - HP published an update for their Intel 2023.4 IPU advisory that was originally published on December 11th, 2023 and most recently updated on January 9th, 2024.

HP Update #2 - HP published an update for their AMD Client UEFI firmware advisory that was originally published on December 7th, 2023 and most recently updated on January 5th, 2024.

Researcher Reports

FortiGuard Report - Horizon3 published a report describing an SQL injection vulnerability in the FortiGuard FortiClient EMS product.

Unitronics Report - Claroty published a report describing eight vulnerabilities in the Unitronics UniStream integrated PLC/HMI products.

Exploits

APC Exploit - Victor Garcia published an exploit for a path traversal vulnerability in the APC UPS Network Management Card.

TELSAT Exploits - LIQUIDWORM published exploits for three vulnerabilities in the TELSAT marKoni FM Transmitter.

For more information on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-051 - subscription required.