Review – Public ICS Disclosures – Week of 10-5-24 – Part 2

For Part 2 we have six additional vendor disclosures from SonicWall, Supermicro, VMware (2), and Wireshark (2). There are also 22 vendor updates from FortiGuard, HP, HPE, Schneider, and Siemens (18). There are also ten researcher reports on vulnerabilities in products from ABB. Finally, we have two exploits for products from Hikvision and Palo Alto Networks.

Advisories

SonicWall Advisory - SonicWall published an advisory that describes three vulnerabilities in their SMA1000 Connect Tunnel Windows Client.

Supermicro Advisory - Supermicro published an advisory that discusses the Terrapin-Attack vulnerability.

VMware Advisory #1 - Broadcom published an advisory that describes three vulnerabilities in the VMware Cloud Foundation and VMware NSX products.

VMware Advisory #2 - Broadcom published an advisory that describes two vulnerabilities in the VMware Avi Load Balancer.

Wireshark Advisory #1 - Wireshark published an advisory that describes a missing initialization of a variable vulnerability in their ITS dissector.

Wireshark Advisory #2 - Wireshark published an advisory that describes an improper handling of missing values vulnerability in their AppleTalk and Reload framing dissectors.

Updates

FortiGuard Update #1 - FortiGuard published an update for their Buffer overflow in fgfmd advisory that was originally published on June 11^th, 2024.

HP Update - HP published an update for their AMD Graphics Driver advisory that was originally published on August 13^th, 2024.

HPE Update - HP published an update for their Blast-Radius advisory that was originally published on July 9^th, 2024, and most recently updated on August 30^th, 2024.

Schneider Update - Schneider published an update for their Modicon M340 Controller advisory that was originally published on April 12^th, 2024, and most recently updated on February 14^th, 2023.

Siemens Update #1 - Siemens published an update for their User Management Component advisory that was originally published on December 12^th, 2023, and most recently updated on September 10^th, 2024.

Siemens Update #2 - Siemens published an update for their Industrial Products advisory that was originally published on May 14^th, 2024, and most recently updated on September 10^th, 2024.

Siemens Update #3 - Siemens published an update for their LOGO! 8 BM Devices advisory that was originally published on October 11^th, 2022, and most recently updated on September 10^th, 2024.

Siemens Update #4 - Siemens published an update for their LOGO! V8.3 BM Devices advisory that was originally published on August 13^th, 2024, and most recently updated on September 10^th, 2024.

Siemens Update #5 - Siemens published an update for their LOGO! V8.3 BM Devices advisory that was originally published on December 12^th, 2023, and most recently updated on September 9^th, 2024.

Siemens Update #6 - Siemens published an update for their LOGO! 8 BM advisory that was originally published on March 9^th, 2021, and most recently updated on September 10^th, 2024.

Siemens Update #7 - Siemens published an update for their OPC UA Implementations advisory that was originally published on September 12^th, 2023, and most recently updated on July 9^th, 2024.

Siemens Update #8 - Siemens published an update for their RUGGEDCOM APE1808 Devices advisory that was originally published on July 9^th, 2024, and most recently updated on September 10^th, 2024.

Siemens Update #9 - Siemens published an update for their SIMATIC SCADA and PCS 7 systems advisory that was originally published on September 10^th, 2024.

Siemens Update #10 - Siemens published an update for their NUCLEUS:13 advisory that was originally on December 14^th, 2021, and most recently updated on November 8^th, 2022.

Siemens Update #11 - Siemens published an update for their RUGGEDCOM APE1808 Devices advisory that was originally published on April 9^th, 2024, and most recently updated on September 10^th, 2024.

Siemens Update #12 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on December 12^th, 2023, and most recently updated on August 13^th, 2024.

Siemens Update #13 - Siemens published an update for their RUGGEDCOM APE1808 Devices that was originally published on March 12^th, 2024.

Siemens Update #14 - Siemens published an update for their RUGGEDCOM APE1808 Devices advisory that was originally published on July 9^th, 2024, and most recently updated on August 13^th, 2024.

Siemens Update #15 - Siemens published an update for their OPC Foundation Local Discovery Server advisory that was originally published on May 10^th, 2022, most recently updated on April 11^th, 2023.

Siemens Update #16 - Siemens published an update for their Mendix Runtime advisory that was originally published on March 8^th, 2022, and most recently updated on May 14^th, 2024.

Siemens Update #17 - Siemens published an update for their User Management Component advisory that was originally published on September 10^th, 2024.

Researcher Reports

ABB Reports - Zero Science published ten reports about vulnerabilities (exploits are available) in the ABB Cylon Aspect building energy management system.

Exploits

Hikvision Exploit - Indoushka published an exploit for a cross-site request forgery in the Hikvision IP Cameras.

Palo Alto Networks Exploit - Johannes Greil and Michael Baer published an exploit for a privilege escalation vulnerability in the Palo Alto Networks GlobalProtect product.

 

For more information on these disclosures, including links to researcher reports, and exploits, as well as brief descriptions of changes made in updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-5bd - subscription required.