For Part 2 we have nine additional vendor disclosures from Panasonic,
QNAP (6), WatchGuard, and Welotec. We also have eight vendor updates from Broadcom
(6), Mitsubishi, and Palo Alto Networks. There are four researcher reports for
products from Mathieu Malaterre (3) and Offis. Finally, we have three exploits
for products from FortiGuard and Palo Alto Networks (2).
Advisories
Panasonic Advisory - Panasonic published an
advisory that describes an improper restriction of operations within the
bounds of a memory buffer.
QNAP Advisory #1 - QNAP published an advisory
that describes four vulnerabilities in their QTS and QuTS hero products.
QNAP Advisory #2 - QNAP published an advisory
that discusses four vulnerabilities in their utility Proxy Server.
QNAP Advisory #3 - QNAP published an advisory
that describes two vulnerabilities in their QuFirewall.
QNAP Advisory #4 - QNAP published an advisory
that describes an integer overflow or wraparound vulnerability in their QTS,
QuTS hero, and QuTScloud product.
QNAP Advisory #5 - QNAP published an advisory
that describes an improper authentication vulnerability in their Media
Streaming Add-on.
QNAP Advisory #6 - QNAP published an advisory
that describes two path traversal vulnerabilities in their QTS, QuTS hero, and
QuTScloud products.
WatchGuard Advisory - WatchGuard published an advisory
that discusses the Diffie-Hellman
Key Agreement Protocol Weaknesses.
Welotec Advisory - CERT-VDE published an advisory that describes
an improper restriction of rendered UI layers or frames vulnerability in their SMART
EMS and VPN Security Suite products.
Updates
Broadcom Update #1 - Broadcom published an
update for their EZServer module advisory that was originally published on
November 8th, 2022.
Broadcom Update #2 - Broadcom published an
update for their Identical SSH keys advisory that was originally published
on April 10th, 2024.
Broadcom Update #3 - Broadcom published an
update for their Hardcoded TLS keys advisory that was originally published
on April 11th, 2024.
Broadcom Update #4 - Broadcom published an
update for their SANnav OVA advisory that was originally published on April
11th, 2024.
Broadcom Update #5 - Broadcom
published an
update for their Insecure file permission advisory that was originally
published on April 11th, 2024.
Broadcom Update #6 - Broadcom published an
update for their Docker instances advisory that was originally published on
April 11th, 2024.
Mitsubishi Update - Mitsubishi published an
update for their Microsoft Message Queuing advisory that was originally published
on February 20th, 2024.
Reports
Palo Alto Networks Update - Palo Alto Networks published
an update for their Arbitrary File Creation advisory that was originally
published on April 12th, 2024 and most recently updated on April 20th,
2024.
Offis Report - Cisco Talos published a
report describing an incorrect type conversion or cast vulnerability in the
Offis DCMTK, a collection of DICOM libraries.
Exploits
FortiGuard Exploit - Spencer McIntyre published a Metasploit module for an SQL injection
vulnerability in the FortiClient EMS (this vulnerability is listed in CISA’s
Known Exploit Vulnerability Catalog).
Palo
Alto Networks Exploit #1
- Sfewer-r7 published a Metasploit module for a
command injection vulnerability in the Palo Alto Networks PAN-OS (this
vulnerability is listed in CISA’s KEV Catalog).
Palo
Alto Networks Exploit #2
- Kr0ff published an exploit for a command
injection vulnerability in the Palo Alto Networks PAN-OS (this vulnerability is
listed in CISA’s KEV Catalog).
For more information about these disclosures, including
links to 3rd party advisories and researcher reports, as well as summaries of
changes made in updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-6e6
- subscription required.