Saturday, July 27, 2024

Review – Public ICS Disclosures – Week of 7-20-24

This week we have two CrowdStrike outage advisories. We also have 18 other vendor advisories for products from Broadcom, Draeger, Hitachi, HPE (4), Meinberg, National Instruments (7), WithSecure (2), and Zyxel. We have three vendor updates from Cisco (2) and HP. There is also a researcher report for vulnerabilities in products from Perkin Elmer. Finally, we have an exploit for products from Softing.

CrowdStrike Outage

GE Vernova published an advisory that discussed the impact on some of their Monitoring & Diagnostics products.

Philips published an advisory that provides a list of potentially affected products.

Advisories

Broadcom Advisory - Broadcom published an advisory that discusses ten vulnerabilities in the Azul Zulu component of their Brocade SANnav product.

Draeger Advisory - Draeger published an advisory that discusses a deserialization of untrusted data vulnerability (listed in the CISA Known Exploited Vulnerabilities Catalog).

Hitachi Advisory - Hitachi published an advisory that discusses 27 vulnerabilities in their Disk Array Systems.

HPE Advisory #1 - HPE published an advisory that describes three vulnerabilities in their Aruba EdgeConnect SD-WAN Orchestrator.

HPE Advisory #2 - HPE published an advisory that discusses 21 vulnerabilities (6 with known exploits) in their Unified OSS Console Assurance Monitoring (UOCAM) product.

HPE Advisory #3 - HPE published an advisory that discusses seven vulnerabilities (one with a known exploit) in their Aruba EdgeConnect SD-WAN Gateways.

HPE Advisory #4 - HPE published an advisory that discusses an out-of-bounds write vulnerability in their ProLiant DL/ML/SY/XL and Alletra Servers.

Meinberg Advisory - Meinberg published an advisory that discusses ten vulnerabilities (2 with known exploits) in their Lantime product.

National Instruments Advisory #1 - National Instruments published an advisory that describes two missing authorization vulnerabilities in their VeriStand Gateway product.

National Instruments Advisory #2 - National Instruments published an advisory that describes two deserialization of untrusted data vulnerabilities in their VeriStand product.

National Instruments Advisory #3 - National Instruments published an advisory that describes a path traversal vulnerability in their VeriStand product.

National Instruments Advisory #4 - National Instruments published an advisory that describes a deserialization of untrusted data vulnerability in their VeriStand Project File product.

National Instruments Advisory #5 - National Instruments published an advisory that describes an integer overflow or wraparound vulnerability in their TDMS Files in LabVIEW.

National Instruments Advisory #6 - National Instruments published an advisory that describes an incorrect default permissions vulnerability in their SystemLink Redis Service.

National Instruments Advisory #7 - National Instruments published an advisory that describes an out-of-date component with multiple vulnerabilities in their SystemLink Server.

WithSecure Advisory #1 - WithSecure published an advisory that describes a denial of service vulnerability in their WithSecure Mac antivirus software.

WithSecure Advisory #2 - WithSecure published an advisory that describes a privilege escalation vulnerability in their WithSecure Mac Products.

Zyxel Advisory - Zyxel published an advisory that describes an improper privilege management vulnerability in their Zyxel AP products.

Updates

Cisco Update #1 - Cisco published an update for their Blast-Radius advisory that was originally published on July 10th, and most recently updated on July 19th, 2024.

Cisco Update #2 - Cisco published an update for their regreSSHion advisory that was originally published on July 2nd, 2024, and most recently updated on July 19th, 2024.

HP Update - HP published an update for their Display Control Software advisory that was originally published on July 15th, 2024.

Researcher Reports

Perkin Elmer Report - Cyber Danube published a report that describes three vulnerabilities in the Perkin Elmer ProcessPlus measurement software.

Exploits

Softing Exploit - Mr me published a Metasploit module for two vulnerabilities in the Softing Secure Integration Server.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-d58 - subscription required.
