Review – Public ICS Disclosures – Week of 12-7-24 – Part 1

This week we have 32 vendor disclosures from HP, HPE (12), Palo Alto Networks, Phoenix Contact (2), QNAP (3), Schneider (3), SEL, SICK, Splunk (7), and Supermicro.

Advisories

HP Advisory - HP published an advisory that describes an uncaught exception vulnerability in multiple business computers.

HPE Advisory #1 - HPE published an advisory that describes two vulnerabilities (one with multiple publicly available exploits) in their Aruba Networking AirWave Management Platform.

HPE Advisory #2 - HPE published an advisory that discusses an improper FMS in hardware logic vulnerability in their SimpliVity Servers.

HPE Advisory #3 - HPE published an advisory that discusses an incorrect order behavior vulnerability in the SimpliVity Servers.

HPE Advisory #4 - HPE published an advisory that discusses four vulnerabilities in their SimpliVity Servers.

HPE Advisory #5 - HPE published an advisory that discusses an improper FMS in hardware logic vulnerability in their SimpliVity Servers.

HPE Advisory #6 - HPE published an advisory that discusses two vulnerabilities in their SimpliVity Servers.

HPE Advisory #7 - HPE published an advisory that discusses an insufficient control flow management vulnerability in their SimpliVity Servers.

HPE Advisory #8 - HPE published an advisory that discusses two vulnerabilities in their SimpliVity Servers.

HPE Advisory #9 - HPE published an advisory that discusses a code injection vulnerability in their SimpliVity AMD Servers.

HPE Advisory #10 - HPE published an advisory that discusses a sensitive information in resource not removed before reuse vulnerability in their SimpliVity Servers.

HPE Advisory #11 - HPE published an advisory that discusses an observable discrepancy vulnerability in their SimpliVity Servers.

HPE Advisory #12 - HPE published an advisory that discusses four vulnerabilities in their Telco Service Orchestrator.

Palo Alto Networks Advisory - Palo Alto Networks published an advisory that discusses two type confusion vulnerabilities in their Prisma Access Browser.

Phoenix Contact Advisory #1 - Phoenix Contact published an advisory that discusses six vulnerabilities (one with publicly available exploit) in their PLCNext products.

Phoenix Contact Advisory #2 - Phoenix Contact published an advisory that discusses 63 vulnerabilities in their PLCNext products.

QNAP Advisory #1 - QNAP published an advisory that describes a link following vulnerability in their Qsync Central product.

QNAP Advisory #2 - QNAP published an advisory that describes eight vulnerabilities in their QTS and QuTS hero products that were reported during a recent PWN-to-OWN competition.

QNAP Advisory #3 - QNAP published an advisory that describes an OS command injection vulnerability in their License Center product.

Schneider Advisory #1 - Schneider published an advisory that describes an improper authentication vulnerability in their PowerChute Serial Shutdown product.

Schneider Advisory #2 - Schneider published an advisory that describes a use of unmaintained third-party components vulnerability in their Harmony HMI and Pro-face HMI products.

Schneider Advisory #3 - Schneider published an advisory that describes an improper input validation vulnerability in their Modicon controllers.

SEL Advisory - SEL published a version update notice for their SEL-5037 SEL Grid Configurator that reported a cybersecurity enhancement.

SICK Advisory - SICK published an advisory that describes six vulnerabilities in their InspectorP61x, InspectorP62x and TiM3xx products.

Splunk Advisory #1 - Splunk published an advisory that discusses an exposure of sensitive information vulnerability in their Universal Forwarder.

Splunk Advisory #2 - Splunk published an advisory that discusses 11 vulnerabilities in their Enterprise product.

Splunk Advisory #3 - Splunk published an advisory that describes a deserialization of untrusted data vulnerability in their Secure Gateway app.

Splunk Advisory #4 - Splunk published an advisory that describes a cleartext transmission of sensitive information vulnerability in their Enterprise product SPL commands.

Splunk Advisory #5 - Splunk published an advisory that describes an exposure of sensitive information to unauthorized actor vulnerability in their Enterprise product.

Splunk Advisory #6 - Splunk published an advisory that describes an exposure of sensitive information to unauthorized actor vulnerability in their Enterprise product.

Splunk Advisory #7 - Splunk published an advisory that describes an exposure of sensitive information to unauthorized actor vulnerability in their Enterprise product.

Supermicro Advisory - Supermicro published an advisory that describes a memory address aliasing vulnerability in their EPYC 3rd and 4th Gen Processors.

 

For more information on these advisories, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-12-2f8 - subscription required.