Review – Public ICS Disclosures – Week of Week of 11-30-24

This week we have fourteen vendor disclosures from Broadcom, Cisco, Dell, Festo, Hitachi, HPE, Moxa, Philips, QNAP (3), Rockwell, WAGO, and Zyxel. There are seven vendor updates from Broadcom, FortiGuard (4), Moxa, and Palo Alto Networks. We also have five researcher reports for products from ABB (4) and WAGO. Finally, we have four exploits for FortiGuard, Intelligent Security Systems, Siemens, and VMware.

Advisories

Broadcom Advisory - Broadcom published an advisory that discusses nine vulnerabilities in their Brocade SANnav product.

Cisco Advisory - Cisco published an advisory that describes an improper access control vulnerability in their NX-OS product.

Dell Advisory - Dell published an advisory that discusses 18 vulnerabilities in their Dell ThinOS.

Festo Advisory - CERT-VDE published an advisory that discusses three vulnerabilities in the Festo provided CODESYS Gateway Server.

Hitachi Advisory - Hitachi published an advisory that describes a use of default credentials vulnerability in their Ops Center OVA product.

HPE Advisory - HPE published an advisory that describes four vulnerabilities in their Aruba Networking ClearPass Policy Manager.

Moxa Advisory - Moxa published an advisory that describes an improper validation of specified type of input vulnerability in their VPort 07-3 Series IP cameras.

Philips Advisory - Philips published an advisory that discusses an improper handling of file names that identify virtual resources vulnerability in the Sailpoint IdentityIQ Identity and Access Management software.

QNAP Advisory #1 - QNAP published an advisory that describes a link following vulnerability in their Qsync Central product. The vulnerability was reported by c411e.

QNAP Advisory #2 - QNAP published an advisory that describes eight vulnerabilities in their QTS and QuTS hero products.

QNAP Advisory #3 - QNAP published an advisory that describes an OS command injection vulnerability in their License Center product.

Rockwell Advisory - Rockwell published an advisory that describes four vulnerabilities in their Arena product. The vulnerabilities were reported by the Zero Day Initiative.

WAGO Advisory - CERT-VDE published an advisory that discusses an improper check for unusual or exceptional conditions vulnerability in the WAGO Basic Controller products.

Zyxel Advisory - Zyxel published an advisory that describes three vulnerabilities in multiple Zyxel communications products.

Updates

Broadcom Update - Broadcom published an update for their Azul Zulu advisory that was originally published on July 26^th, 2024, and most recently updated on July 29^th, 2024.

FortiGuard Update #1 - FortiGuard published an update for their HTTP/2 CONTINUATION Frames advisory that was originally published on May 14^th, 2024, and most recently updated on November 21^st, 2024.

FortiGuard Update #2 - FortiGuard published an update for their regreSSHion advisory that was originally published on July 9^th, 2024, and most recently updated on November 22^nd, 2024.

FortiGuard Update #3 - FortiGuard published an update for their FortiOS advisory that was originally published on April 9^th, 2024, and most recently updated on May 15^th, 2024.

FortiGuard Update #4 - FortiGuard published an update for their Stack buffer overflow on Bluetooth advisory that was originally published on June 11^th, 2024.

Moxa Update - Moxa published an update for their Weak SSL/TLS Key Exchange advisory that was originally published on November 4^th, 2024, and most recently updated on November 22^nd, 2024.

Palo Alto Networks Update - Palo Alto Networks published an update for their GlobalProtect App advisory that was originally published on November 25^th, 2024.

Researcher Reports

ABB Reports - Zero Science published four reports about individual vulnerabilities in the ABB Cylon Aspect.

WAGO Report - Nozomi Networks published a report that describes eight vulnerabilities in the WAGO PLC device model 750-8216/025-001.

Exploits

FortiGuard Exploit - sfewer-r7 published a Metasploit module for a missing authentication for critical function vulnerability (listed in CISA’s Known Exploited Vulnerability catalog) in the FortiGuard FortiManager products.

Intelligent Security Systems Exploit - Milad Karimi published an exploit for an unquoted service path vulnerability in the Intelligent Security Systems SecureOS.

Siemens Exploit - Stefan Viehböck, and Constantin Schieber-Knöbl of SEC Consult published an exploit for an improper NULL termination vulnerability in the Siemens JTAG Interface.

VMware Exploit - Matei Mal Badanoiu published a Metasploit module for a ASP.NET misconfiguration: use of identity impersonation vulnerability in the VMware vCenter Server.

 

For more information on these disclosures, including links to 3rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-week - subscription required.