Saturday, May 25, 2024

Review – Public ICS Disclosures – Week of 5-18-24

This week we have 13 vendor disclosures from Broadcom (3), Cisco, Fujitsu, HP (2), HPE, Philips, QNAP, WAGO (2), WithSecure, and Zyxel. We also have two vendor updates from Broadcom and HPE. Finally, we have ten researcher reports for products from FortiGuard, Honeywell, Mitsubishi, Siemens, TP-Link (5), and TVT.

Advisories

Broadcom Advisory #1 - Broadcom published an advisory that discusses a deserialization of untrusted data vulnerability in their Brocade Fabric OS, Brocade SANnav, and Brocade Support Link products.

Broadcom Advisory #2 - Broadcom published an advisory that discusses six inadequate access control vulnerabilities in their Brocade SANnav product.

Broadcom Advisory #3 - Broadcom published an advisory that describes a missing authentication for critical resource vulnerability in their Brocade SANnav product.

Cisco Advisory - Cisco published an advisory that describes an authentication bypass by spoofing vulnerability in their Snort 3 HTTP Intrusion Prevention System.

Fujitsu Advisory - Fujitsu published an advisory that discusses four vulnerabilities in multiple Fujitsu products.

HP Advisory #1 - HP published an advisory that describes a cross-site scripting vulnerability in their LaserJet Pro devices.

HP Advisory #2 - HP published an advisory that describes an SMTP server information disclosure vulnerability in their LaserJet Pro printers.

NOTE: The link to this advisory currently leads to a blank page.

HPE Advisories - HPE published 46 Critical Product Security Vulnerability Alerts. See this post for background information on these products.

Philips Advisory - Philips published an advisory that discusses the HPE authorization bypass through user-controlled key vulnerability.

QNAP Advisory - QNAP published an advisory that describes five vulnerabilities in their QTS and QuTS hero products.

WAGO Advisory #1 - CERT-VDE published an advisory that discusses 17 vulnerabilities in multiple WAGO products.

WAGO Advisory #2 - CERT-VDE published an advisory that discusses two vulnerabilities in WAGO Navigator.

WithSecure Advisory - WithSecure published an advisory that describes a link following vulnerability in their Windows endpoint product.

Zyxel Advisory - Zyxel published an advisory that describes two classic buffer overflow vulnerabilities in their 5G NR/4G LTE CPE, DSL/Ethernet CPE, fiber ONT, and WiFi extender.

Updates

Broadcom Update - Broadcom published an update for their remote code execution advisory that was originally published on April 1st, 2024.

HPE Update - HPE published an update for their Aruba ArubaOS advisory that was originally published on April 30th, 2024.

Researcher Reports

FortiGuard Report - Horizon3 published a report describing an OS command injection vulnerability in the Fortinet FortiSIEM product.

Honeywell Report - Claroty published a report describing two vulnerabilities in the Honeywell ControlEdge Virtual Unit Operations Center (UOC).

Mitsubishi Report - Positive Technologies published a report describing five vulnerabilities in the Mitsubishi MELSEC System Q and MELSEC System L series PLC processor modules.

Siemens Report - SEC Consult published a report describing an exposed serial shell vulnerability on multiple Siemens PLCs.

TP-Link Reports - ZDI published five reports of vulnerabilities in the TP-Link Omada ER605 PPTP VPN.

TVT Report - SSD-Disclosure published a report that describes an exposure of sensitive information vulnerability in the TVT NVMS9000 surveillance management system.

 

For more information on these disclosures, including links to 3rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-329 - subscription required.
