This week we have 13 vendor disclosures from Aruba Networks, Commend (5), Hitachi Energy (3), HP, HPE, Moxa, and Philips. There is one vendor update this week from Palo Alto Networks. Finally, we have three researcher reports for vulnerabilities in products from Merative Merge.
Advisories
Aruba Advisory - Aruba published an advisory that describes ten vulnerabilities in their ArubaOS.
Commend Advisory #1 - Commend published an advisory that describes an improper authentication vulnerability in their Symphony MX web server.
Commend Advisory #2 - Commend published an advisory that discusses 18 vulnerabilities (7 with known exploits) in their VirtuoSIS, S3 and S6 products.
Commend Advisory #3 - Commend published an advisory that describes multiple vulnerabilities in their VirtuoSIS, S3 and S6.
Commend Advisory #4 - Commend published an advisory that describes multiple vulnerabilities in their VirtuoSIS, S3 and S6.
Commend Advisory #5 - Commend published an advisory that discusses the Terrapin-Attack vulnerability.
Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that describes two vulnerabilities in their SDM600 series product.
Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes a secure update bypass vulnerability in their RTU500 series product.
Hitachi Energy Advisory #3 - Hitachi Energy published an advisory that discusses nine vulnerabilities (two with known exploits) in their Tropos Mesh Routers.
HP Advisory - The HP Security Bulletins page lists an advisory for “HP Application Enabling Software Driver - Privileged File Overwrite” but the link currently takes one to a blank error page.
HPE Advisory - HPE published an advisory that discusses two vulnerabilities in their OneView software. These are third-party vulnerabilities.
Moxa Advisory - Moxa published an advisory that discusses the XZ Containing Malware/Backdoor vulnerability.
Philips Advisory - Philips published an advisory that discusses the Cisco ArcaneDoor vulnerabilities.
Updates
Palo Alto Networks Update - Palo Alto Networks published an update for their Arbitrary File Creation advisory that was originally published on April 12th, 2024 and most recently updated on April 24th, 2024.
Researcher Reports
Merative Merge Reports - Nozomi Networks published three reports of individual vulnerabilities in the Merative Merge DICOM product.
For more information on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-c86 - subscription required.