Review – Public ICS Disclosure – 8-31-24 – Part 2

For Part 2 we have eight vendor updates from Broadcom (3), B&R, Cisco (2), HPE (2), and VMware. Finally, we have twelve exploits for products from Cisco, FortiGuard (3), and HP (8).

Updates

Broadcom Update #1 - Broadcom published an update for their SNMP passwords advisory that was originally published on July 30^th, 2024.

Broadcom Update #2 - Broadcom published an update for their Flaw in glib advisory that was originally published on August 1^st, 2023, and most recently updated on November 7^th, 2023.

Broadcom Update #3 - Broadcom published an update for their test or debug logic advisory that was originally published on August 1^st, 2023.

B&R Update - B&R published an update for their Automation Runtime advisory that was originally published on August 9^th, 2024.

Cisco Update #1 - Cisco published an update for their regreSSHion vulnerability advisory that was originally published on July 2^nd, 2024, and most recently updated on August 21^st, 2024.

Cisco Update #2 - Cisco published an update for their Blast-Radius advisory that was originally published on July 10^th, 2024, and most recently updated on August 19^th, 2024.

HPE Update #1 - HPE published an update for their StoreEasy Servers advisory that was originally published on August 14^th, 2024.

HPE Update #2 - HPE published an update for their ProLiant DL/ML/XL, Synergy, MicroServer, and Edgeline Servers advisory that was originally published on August 13^th, 2024, and most recently updated on August 20^th, 2024.

VMware Update - VMware published an update for their Workspace ONE advisory that was originally published on April 6^th, 2022, and most recently updated on April 13^th, 2022.

Exploits

Cisco Exploit - Jonathan Claudius published a Metasploit module for a brute force login vulnerability in the Cisco SSL VPN web login portals.

FortiGuard Exploit #1 - Patrick Schmid published a Metasploit module for an improper authentication vulnerability in the FortiGuard FortiMail products.

FortiGuard Exploit #2 - Jay Turla published a Metasploit module for a brute force login vulnerability in the FortiGuard Fortinet SSL VPN web login portals.

FortiGuard Exploit #3 - Wvu published a Metasploit module for a permissions, privileges, and access control vulnerability in the FortiGuard Fortinet SSH backdoor.

HP Exploit #1 - Rgod published a Metasploit module for a directory traversal vulnerability in the HP Intelligent Management product.

HP Exploit #2 - Rgod published a Metasploit module for a directory traversal vulnerability in the HP Intelligent Management product.

HP Exploit #3 - Rgod published a Metasploit module for a remote file access vulnerability in the HP SiteScope product.

HP Exploit #4 - Rgod published a Metasploit module for an exposure of sensitive information to an unauthorized actor vulnerability in the HP Intelligent Management.

HP Exploit #5 - Rgod published a Metasploit module for a remote file access vulnerability in the HP SiteScope product.

HP Exploit #6 - Rgod published a Metasploit module for a configuration access vulnerability in the HP SiteScope product.

HP Exploit #7 - Rgod published a Metasploit module for a directory traversal vulnerability in the HP Intelligent Management product.

HP Exploit #8 - Rgod published a Metasploit module for a directory traversal vulnerability in the HP Intelligent Management product.

 

For more information on these disclosures, including links to researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosure-8-31-24-8bd - subscription required.