This week for Part 1 we have 26 vendor disclosures from ABB (2), FortiGuard (2),
Hitachi, HP, HPE (2), Moxa (2), Palo Alto Networks (7), PEPPERL+FUCHS,
Phoenix Contact, and Schneider Electric (7).
In Part 2 we will have a few more vendor disclosures, vendor updates (including a bunch from Siemens), a few researcher reports, and exploits.
Advisories
ABB Advisory #1 - ABB published an
advisory that discusses two vulnerabilities in their Relion 630 Series
Protection Relays.
ABB Advisory #2 - ABB published an
advisory that describes a NULL pointer dereference vulnerability in their RobotWare
6 product.
FortiGuard Advisory #1 - FortiGuard published an advisory that describes
an incorrect type conversion or cast vulnerability in their FortiOS and
FortiProxy products.
FortiGuard Advisory #2 - FortiGuard published an advisory that
describes a use of externally-controlled format string vulnerability in their
FortiAnalyzer product.
Hitachi Advisory - Hitachi published an
advisory that discusses 30 vulnerabilities in their Disk Array Systems.
HP Advisory - HP published an
advisory that discusses two out-of-bounds write vulnerabilities in multiple
HP products.
HPE Advisory #1 - HPE published an
advisory that discusses an improper check for unusual or exceptional conditions
vulnerability in their HPE ProLiant DL/ML, Synergy, Alletra, and Edgeline
Servers.
HPE Advisory #2 - HPE published an
advisory that discusses four vulnerabilities (one with publicly available
exploits) in their Unified OSS Console Assurance Monitoring (UOCAM) product.
Moxa Advisory #1 - Moxa published an
advisory that discusses a use-after-free vulnerability (that is listed in
CISA’s Known Exploited Vulnerabilities catalog) in multiple Moxa products.
Moxa Advisory #2 - Moxa published an
advisory that discusses the regreSSHion vulnerability.
Palo Alto Networks Advisory #1 - Palo Alto Networks published
an advisory
that describes an improper privilege management vulnerability in their PAN-OS
products.
Palo Alto Networks Advisory #2 - Palo Alto Networks published
an advisory
that describes an execution with unnecessary privileges vulnerability (with a
publicly available exploit) in their GlobalProtect applications.
Palo Alto Networks Advisory #3 - Palo Alto Networks published
an advisory
that describes an exposure of sensitive information to an unauthorized control
sphere vulnerability in their Cortex XSOAR product.
Palo Alto Networks Advisory #4 - Palo Alto Networks published
an advisory
that describes an improper check for unusual or exceptional conditions vulnerability
in their Cortex XDR Agent.
Palo Alto Networks Advisory #5 - Palo Alto Networks published
an advisory
that describes an out-of-bounds write vulnerability in their PAN-OS product.
Palo Alto Networks Advisory #6 - Palo Alto Networks published
an advisory
that discusses 15 vulnerabilities in their Prisma Access Browser.
Palo Alto Networks Advisory #7 - Palo Alto Networks
published an
advisory that describes five vulnerabilities (three with publicly available
exploits) in their Expedition product.
PEPPERL+FUCHS Advisory - CERT-VDE published an advisory that discusses
the regreSSHion vulnerability.
Phoenix Contact Advisory - Phoenix Contact published an
advisory that discusses three vulnerabilities in their PLCnext Engineer product.
Schneider Advisory #1 - Schneider published an
advisory that describes two vulnerabilities in their Data Center Expert
product.
Schneider Advisory #2 - Schneider published an
advisory that discusses multiple vulnerabilities in the operating system of
their Harmony iPC – HMIBSC IIoT Edge Box Core family products.
Schneider Advisory #3 - Schneider published an
advisory that describes an improper privilege management vulnerability in
their Easergy Studio product.
Schneider Advisory #4 - Schneider published an
advisory that describes a clear-text storage of sensitive information
vulnerability in their EVlink Home Smart and Schneider Charge products.
Schneider Advisory #5 - Schneider published an
advisory that describes a deserialization of untrusted data vulnerability
in their EcoStruxure Power Monitoring Expert product.
Schneider Advisory #6 - Schneider published an
advisory that describes an exposure of sensitive information to an unauthorized
actor vulnerability in their Harmony and Pro-face PS5000 Legacy Industrial PCs.
Schneider Advisory #7 - Schneider published an
advisory that discusses multiple vulnerabilities in the operating system of
their EcoStruxure EV Charging Expert products.