Review – Public ICS Disclosures – Week of 12-7-24 – Part 2

For Part 2 this week we have 21vvendor updates from Cisco, CODESYS, Palo Alto Networks, and Siemens (18). There are 12 researcher reports about vulnerabilities in products from ABB (9), GeoVision, Phoenix Contact, and Ruijie. Finally, we have an exploit for products from Linear.

Updates

Cisco Update - Cisco published an update for their NX-OS Software Image Verification Bypass advisory that was originally published on December 4^th, 2024.

CODESYS Update - CODESYS published an update for their Control Win advisory that was originally published on May 22^nd, 2024, and most recently updated on June 5^th, 2024.

Palo Alto Networks Update - Palo Alto Networks published an update for their GlobalProtect App advisory that was originally published on November 25^th, 2024, and most recently updated on December 6^th, 2024.

Siemens Update #1 - Siemens published an update for their Intel-CPUs advisory that was originally published on September 12^th, 2023, and  most recently updated on August 13^th, 2024.

Siemens Update #2 - Siemens published an update for their Industrial Products advisory that was originally published on May 14^th, 2024, and most recently updated on November 12^th, 2024.

Siemens Update #3 - Siemens published an update for their SIMATIC S7-1500 advisory that was originally published on October 8^th, 2024, and most recently updated on November 12^th, 2024.

Siemens Update #4 - Siemens published an update for their Palo Alto Networks Virtual NGFW advisory that was originally published on April 9^th, 2024, and most recently updated on August 13^th, 2024.

Siemens Update #5 - Siemens published an update for their Socket.IO advisory that was originally published on September 10^th, 2024, and most recently updated on November 12^th, 2024.

Siemens Update #6 - Siemens published an update for their RADIUS Protocol advisory that was originally published on July 9^th, 2024, and most recently updated on November 12^th, 2024.

Siemens Update #7 - Siemens published an update for their OPC UA Implementation advisory that was originally published on September 12^th, 2023, and most recently updated on October 8^th, 2024.

Siemens Update #8 - Siemens published an update for their Fortigate NGFW advisory that was originally published on July 9^th, 2024, and most recently updated on October 8^th, 2024.

Siemens Update #9 - Siemens published an update for their SICAM and SITIPE Products advisory that was originally published on September 10^th, 2024.

Siemens Update #10 - Siemens published an update for their Profinet Devices advisory that was originally published on July 13^th, 2021, and most recently updated on November 12^th, 2024.

Siemens Update #11 - Siemens published an update for their Tecnomatix Plant Simulation advisory that was originally published on October 8^th, 2024. - Siemens published an update for their Tecnomatix Plant Simulation advisory that was originally published on October 8^th, 2024.

Siemens Update #12 - Siemens published an update for their Palo Alto Networks Virtual NGFW advisory that was originally published on April 9^th, 2024, and most recently updated on October 8^th, 2024.

Siemens Update #13 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on December 12^th, 2023, and most recently updated on November 12^th, 2024.

Siemens Update #14 - Siemens published an update for their Palo Alto Networks Virtual NGFW advisory that was originally published on July 9^th, 2024, and most recently updated on November 12^th, 2024.

Siemens Update #15 - Siemens published an update for their n SENTRON Powercenter advisory that was originally published on October 8^th, 2024.

Siemens Update #16 - Siemens published an update for their OpenSSL X.400 advisory that was originally published on August 8^th, 2024, and most recently updated on November 12^th, 2024.

Siemens Update #17 - Siemens published an update for their Timing Based Side Channel advisory that was originally published on August 8^th, 2023, and most recently updated on December 12^th, 2023.

Siemens Update #18 - Siemens published an update for their Protection Mechanism Failure advisory that was originally published on June 13^th, 2023, and most recently updated on December 12^th, 2023.

Researcher Reports

ABB Reports - Zero Science published nine reports describing vulnerabilities in the ABB Cylon Aspect building energy management product.

GeoVision Report - The Zero Day Initiative published a report that describes a missing authorization vulnerability in the GeoVision GV-ASManager product.

Phoenix Contact Report - Nozomi Networks published a report that describes 12 vulnerabilities in the Phoenix Contact mGuard industrial router.

Ruijie Report - Claroty published a report that describes 10 vulnerabilities in the Ruijie Cloud-Connected Devices.

Exploits

Linear Exploit - Ik-mayne published an exploit for an OS command injection vulnerability in the Linear eMerge e3-Series product.

 

For more information on these updates, reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-12-3d4 - subscription required.