This week we have 14 vendor disclosures from ABB, Broadcom, Eaton, HPE (3), ioCharger, Moxa, Palo Alto Networks (2), SonicWall, Splunk (2), and VMware. There are also five vendor updates from Broadcom, HP, and Moxa (3). We also have 13 researcher reports for vulnerabilities in products from ABB (12) and Illumina.
Advisories
ABB Advisory - ABB published an advisory that discusses five vulnerabilities in their AC500 V3 products.
Broadcom Advisory - Broadcom published an advisory that discusses an OS command injection vulnerability in multiple Brocade products.
Eaton Advisory - Eaton published an advisory that discusses the regreSSHion vulnerability.
HPE Advisory #1 - HPE published an advisory that discusses ten vulnerabilities (two with publicly available exploit code) in their SAN Switches.
HPE Advisory #2 - HPE published an advisory that describes two command injection vulnerabilities in their Aruba Networking 501 Wireless Client Bridge.
HPE Advisory #3 - HPE published an advisory that describes a traffic handling vulnerability in their Aruba CX 10000 Switch Series.
IoCharger Advisory - DIVD CERT published an advisory that describes 17 vulnerabilities in the ioCharger vehicle charging stations.
Moxa Advisory - Moxa published an advisory that provides security enhancement instructions for their PT-7528/7728/7828 Series products.
Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that discusses six vulnerabilities in their Prisma Access Browser.
Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes five vulnerabilities in their Expedition Migration Tool.
SonicWall Advisory - SonicWall published an advisory that describes four vulnerabilities in the SonicOS product.
Splunk Advisory #1 - Splunk published an advisory that discusses three vulnerabilities in their Splunk Add-on for JBoss.
Splunk Advisory #2 - Splunk published an advisory that describes an improper privilege management vulnerability in their Splunk App for SOAR.
VMware Advisory - Broadcom published an advisory that describes a server-side request forgery vulnerability in their Aria Automation product.
Updates
Broadcom Update - Broadcom published an update for their OpenSSH advisory that was originally published on December 9th, 2024.
HP Update - HP published an update for their Intel PROSet/Wireless Wi-Fi advisory that was originally published on November 12th, 2024.
Moxa Update #1 - Moxa published an update for their cellular routers advisory that was originally published on January 3rd, 2025.
Moxa Update #2 - Moxa published an update for their multiple switches advisory that was originally published on June 14th, 2023, and most recently updated on August 2nd, 2023.
Moxa Update #3 - Moxa published an update for their TN-5900 Series advisory that was originally published on October 4th, 2024.
Researcher Reports
ABB Reports - Zero Science published 12 reports of individual vulnerabilities (with publicly available exploits) in the ABB Cylon Aspect building energy management product.
Illumina Report - Eclypsium published a report describing vulnerabilities in the iSeq 100 sequencer device from Illumina.
For more information on these disclosures, including links to third-party advisories, researcher reports, and exploits, see my article at CFSN Detailed analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-f44 - subscription required.