This week we have 13 vendor disclosures from Bosch (2), Cisco, DrayTek (2), Hitachi, HP, JTEKT, QNAP, SEL (2), Splunk, Westermo, and WithSecure. We have two vendor updates from Dell. Finally, we have two exploits for products from ABB and Blackberry.
Advisories
Bosch Advisory #1 - Bosch published an
advisory that describes a sensitive information disclosure vulnerability in
their Configuration Manager.
Bosch Advisory #2 - Bosch published an
advisory that discusses three vulnerabilities in their PRC7000 product.
Cisco Advisory - Cisco published an advisory
that describes two vulnerabilities in their Small Business Dual WAN Gigabit VPN
Routers.
DrayTek Advisory #1 - DrayTek published an
advisory that describes 14 vulnerabilities (with exploits available) in multiple
Vigor routers.
DrayTek Advisory #2 - DrayTek published an
advisory that describes seven classic buffer overflow vulnerabilities in multiple
Vigor routers.
Hitachi Advisory - Hitachi published an
advisory that discusses an improper input validation vulnerability in their
Cosminexus Component Container.
HP Advisory - HP published an
advisory that describes an escalation of privilege vulnerability in their
business notebook PCs.
QNAP Advisory - QNAP published an advisory
that discusses the CUPS
vulnerabilities.
SEL Advisory #1 - SEL published a new version
notice for their SEL-5030 acSELerator QuickSet Software that includes a
description of a cybersecurity enhancement.
SEL Advisory #2 - SEL published a new
version notice for their SEL-5813 Backup and Recovery Tool (BaRT) that includes
a description of a cybersecurity enhancement.
Splunk Advisory - Splunk published an advisory
that discusses four vulnerabilities in their Add-on for Amazon Web Services.
Westermo Advisory - Westermo published an
advisory that describes a session hijacking vulnerability in their IbexOS
Web Interface.
WithSecure Advisory - WithSecure published an advisory that describes a denial-of-service vulnerability in their Atlant Product.
Updates
Dell Update #1 - Dell published an
update for their ThinOS advisory that was originally published on September
9th, 2024, and most recently updated on September 18th,
2024. The
Dell Update #2 - Dell published an update for their ThinOS advisory that was originally published on June 12th, 2024, and most recently updated on September 9th, 2024.
Exploits
ABB Exploit - LiquidWorm published an exploit for a
file disclosure vulnerability in the ABB Cylon Aspect.
Blackberry Exploit - SEC Consult published an
exploit for an uninstall password bypass vulnerability in the Blackberry CylanceOPTICS
product.
For more information on these disclosures, including links
to 3rd party advisories, researcher reports, and exploits, see my article at
CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-d4d
- subscription required.
1 comment:
About Draytek advisories #2: there are not just 7, but 16 (Draytek lists a range CVE-2024-46588 up to 46598)