This week we have vendor disclosures about the OpenSSH regreSSHion vulnerability from Cisco, Dell, Palo Alto Networks, QNAP, and WatchGuard. There are also other vendor disclosures from ABB (2), Hitachi (7), HP, HPE, Helmholz, MESbook, Mitsubishi, and Red Lion.
OpenSSH regreSSHion
Cisco published an
advisory that provides a list of affected products and a separate list of
products that are still under investigation.
Dell published an
advisory that reports that they are investigating the vulnerability.
Palo Alto Networks published an advisory that
reports that none of their products are affected.
QNAP published an advisory
that provides a list of affected products, along with generic mitigation measures.
WatchGuard published an advisory that provides lists of affected and unaffected products.
Advisories
ABB Advisory #1 - ABB published an
advisory that describes a use of default credentials vulnerability in their
ASPECT system.
ABB Advisory #2 - ABB published an
advisory that describes two vulnerabilities in their ASPECT system.
Helmholz Advisory - CERT-VDE published an advisory that describes
an OS command injection vulnerability in the Helmholz REX 100 devices. Helmholz
has a new firmware version that mitigates the vulnerability.
Hitachi Advisory #1 - Hitachi published an
advisory that discusses two vulnerabilities in their JP1 product.
Hitachi Advisory #2 - Hitachi published an
advisory that describes an incorrect default permissions vulnerability in
their JP1/Extensible SNMP Agent.
Hitachi Advisory #3 - Hitachi published an
advisory that discusses seven vulnerabilities in their Ops Center Common
Services product.
Hitachi Advisory #4 - Hitachi published an
advisory that discusses the Terrapin-Attack vulnerability
in their JP1 product.
Hitachi Advisory #5 - Hitachi published an
advisory that describes an incorrect default permissions vulnerability in
their Ops Center Common Services product.
Hitachi Advisory #6 - Hitachi published an
advisory that discusses ten vulnerabilities in their Ops Center Common
Services product.
Hitachi Advisory #7 - Hitachi published an
advisory that discusses twelve vulnerabilities (four with available exploits)
in their Ops Center Common Services product.
HP Advisory - HP published an
advisory that discusses four vulnerabilities in multiple HP PCs and
workstations.
HPE Advisory - HPE published an
advisory that describes an arbitrary code execution vulnerability in their Cray
Servers.
MESbook Advisory - Incibe-CERT published an
advisory that describes four vulnerabilities in the MESbook product.
Mitsubishi Advisory - Mitsubishi published an
advisory that describes an incorrect default permissions vulnerability in
their MELIPC Series MI5122-VW product.
Red Lion Advisory - CERT-VDE published an
advisory that describes an OS command injection vulnerability in the Red Lion
CVE-2024-5672 devices.
For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-6-54c - subscription required.