This week we have six vendor disclosures for the regreSSHion vulnerability from Cisco, Eaton, Helmholtz, HPE, Moxa, and Red Lion. We have nine additional vendor disclosures from ABB, Broadcom (4), HP, HPE (2), and Western Digital. There are also four vendor updates from Broadcom, Cisco, Hitachi Energy, and HPE. We also have two researcher reports for products from FortiGuard and Pioneer. Finally, we have an exploit for products from mySCADA.
RegreSSHion Advisories
Cisco published an
update for their regreSSHion advisory that was originally published on July
2nd, 2024 and most recently updated on July 26th, 2024.
Eaton published an
advisory that announces that Eaton is investigating the vulnerability, but
notes that for most Eaton products, SSH service is disable by default.
Helmholtz – CERT-VDE published an advisory that
provides a list of affected products and fixed versions.
HPE published an
update for their regreSSHion advisory that was originally published on July
10th, 2024.
Moxa published an advisory
that provides a list of affected and fixed products.
Red Lion Europe – CERT-VDE published an advisory that provides a list of affected products and fixed versions.
Advisories
ABB Advisory - ABB published an
advisory that discusses an insufficiently protected credentials
vulnerability in their Automation Builder product.
Broadcom Advisory #1 - Broadcom published an
advisory that discusses five vulnerabilities (3 with exploits available) in
their Brocade Fabric OS.
Broadcom Advisory #2 - Broadcom published an
advisory that discusses nine vulnerabilities (2 with exploit code
available) in multiple Broadcom products.
Broadcom Advisory #3 - Broadcom published an advisory that describes a command injection
vulnerability in their Brocade 6547 (FC5022) embedded switches.
Broadcom Advisory #4 - Broadcom published an
advisory that describes a plain-text storage of passwords vulnerability in
their Brocade FabricOS.
HMS Advisory - HMS published an
advisory that describes six vulnerabilities in their Cosy+ product line.
HP Advisory - HP published an
advisory that discusses 214 vulnerabilities in their ThinPro products.
HPE Advisory #1 - HPE published an
advisory that discusses 16 vulnerabilities (5 with publicly available
exploits) in their Fiber Channel and SAN Switches.
HPE Advisory #2 - HPE published an
advisory that discusses four vulnerabilities (one with publicly available
exploits) in their Aruba ClearPass Policy Manager product.
Western Digital Advisory - Western Digital published an advisory that describes a code injection vulnerability in their Discovery Desktop App.
Updates
Broadcom Update - Broadcom published an update for
their Azul Zulu advisory that was originally published on July 26th,
2024.
Cisco Update - Cisco published an update for their RADIUS
Protocol Spoofing advisory that was originally published on July 10th,
2024 and most recently updated on July 29th, 2024.
Hitachi Energy Update - Hitachi Energy published an
update for their IED ConnPacks advisory that was originally published on
November 15th, 2022 and most recently updated on June 25th,
2024.
HPE Update - HPE published an update for their Telecommunication Management Information Platform advisory that was originally published on December 12th, 2024.
Researcher Reports
FortiGuard Report - IOActive published a
report describing a cross-site scripting vulnerability in the FortiGuard SSL
VPN web UI.
Pioneer Report - ZDI published three reports of individual vulnerabilities in the Pioneer DMH-WT7600NEX automotive media center.
Exploits
MySCADA Exploit - Michael Heinzl published a Metasploit
module for an OS command injection vulnerability in the mySCADA MyPro
product.
For more details about these disclosures, including links to
3rd party vendors, see my article at CFSN Detailed analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8-dae
- subscription required.
Posts
No comments:
Post a Comment