This week we have 21 vendor disclosures from Dassault Systems, HPE, Palo Alto Networks (2), Philips (2), QNAP (8), Sick, WAGO, Westermo (2), Wireshark (2), and Zyxel. There are also seven vendor updates from FortiGuard, Mitsubishi, Moxa (4), and VMware. We also have three researcher reports for vulnerabilities in products from MC Technologies (2) and Mongoose Web Server Library. Finally, we have three exploits for products from Korenix, Palo Alto Networks, and Siemens.
Advisories
Dassault Systems Advisory - Dassault Systems published an advisory that describes two vulnerabilities in their eDrawings product.
HPE Advisory - HPE published an advisory that describes an improper handling of exceptional conditions vulnerability in their NonStop DISK UTIL.
Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes an OS command injection vulnerability {listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog} in their PAN-OS products.
Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a missing authentication for critical function vulnerability {listed in CISA’s KEV catalog} in their PAN-OS products.
Philips Advisory #1 - Philips published an advisory that discusses an argument injection vulnerability reported by Laravel.
Philips Advisory #2 - Philips published an advisory that discusses an improper authentication vulnerability {listed in CISA’s KEV catalog} reported by Microsoft in their Windows Scheduler.
QNAP Advisory #1 - QNAP published an advisory that describes four vulnerabilities in their Notes Station 3.
QNAP Advisory #2 - QNAP published an advisory that discusses three vulnerabilities in their QTS and QuTS hero products.
QNAP Advisory #3 - QNAP published an advisory that describes four cross-site scripting vulnerabilities in their Photo Station products.
QNAP Advisory #4 - QNAP published an advisory that describes an exposure of sensitive information to unauthorized actor vulnerability in their AI Core product.
QNAP Advisory #5 - QNAP published an advisory that describes a link following vulnerability in their QuLog Center product.
QNAP Advisory #6 - QNAP published an advisory that describes 15 vulnerabilities in their QTS and QuTS hero products.
QNAP Advisory #7 - QNAP published an advisory that describes two OS command injection vulnerabilities in their QuRouter product.
QNAP Advisory #8 - QNAP published an advisory that describes an authorization bypass through user controlled key vulnerability in their Media Streaming Add-on.
Sick Advisory - Sick published an advisory that describes an execution with unnecessary privileges vulnerability in their Incoming Goods Suite.
WAGO Advisory - CERT-VDE published an advisory that describes eight vulnerabilities in the firmware of multiple WAGO products.
Westermo Advisory #1 - Westermo published an advisory that discusses an out-of-bounds write vulnerability (with publicly available exploit) in their WeOS.
Westermo Advisory #2 - Westermo published an advisory that discusses the Blast-Radius vulnerabilities in their WeOS products.
Wireshark Advisory #1 - Wireshark published an advisory that describes an ECMP dissector crash vulnerability.
Wireshark Advisory #2 - Wireshark published an advisory that describes a FiveCo RAP dissector infinite loop vulnerability.
Zyxel Advisory - Zyxel published an advisory that discusses recent attempts by threat actors to target Zyxel firewalls through previously disclosed vulnerabilities.
Updates
FortiGuard Update #1 - FortiGuard published an update for their CONTINUATION Frames advisory that was originally published on May 14th, 2024.
FortiGuard Update #2 - FortiGuard published an update for their regreSSHion advisory that was originally published on July 9th, 2024, and most recently updated on November 15th, 2024.
Mitsubishi Update - Mitsubishi published an update for their Ethernet port advisory that was originally published on November 30th, 2021, and most recently updated on November 9th, 2023.
Moxa Update #1 - Moxa published an update for their Ethernet Switches advisory that was originally published on November 1st, 2024.
Moxa Update #2 - Moxa published an update for their MDS-G4028-L3 Series advisory that was originally published on November 4th, 2024.
Moxa Update #3 - Moxa published an update for their Cellular Routers advisory that was originally published on October 14th, 2024, and most recently updated on October 25th, 2024.
Moxa Update #4 - Moxa published an update for their SSLv2 Vulnerabilities advisory that was originally published on March 31st, 2016.
VMware Update - VMware published an update for their vCenter Server advisory that was originally published on September 17th, 2024, and most recently updated on October 21st, 2024.
Researcher Reports
MC Technologies Reports - Cisco Talos published two reports covering four OS command injection vulnerabilities in the MC Technologies MC LR Router web interface.
Mongoose Web Server Report - Nozomi Networks published a report describing ten vulnerabilities in the Mongoose Web Server Library.
Exploits
Korenix Exploit - St. Pölten UAS published an exploit for a path traversal vulnerability in the Korenix JetPort 5601.
Palo Alto Networks Exploit - Sachinart published an exploit for a missing authentication for critical function vulnerability in the Palo Alto Networks PAN-OS product.
Siemens Energy Exploit - SEC Consult published an exploit for four vulnerabilities in the Siemens Energy Omnivise T3000.
For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-3cc - subscription required.