Review – Public ICS Disclosures – Week of 1-11-24 – Part 2

For Part 2 we have 14 additional vendor disclosures from Omron (2), Schneider (9), Splunk (2), and Zyxel. We also have 9 vendor updates from FortiGuard (4), HP (2), Mitsubishi, Moxa, and Schneider. Part 3 with Siemens updates, researcher reports, and exploits will come out later this week.

Advisories

Omron Advisory #1 - Omron published an advisory that describes a path traversal vulnerability in their NJ/NX-series Machine Automation Controllers.

Omron Advisory #2 - Omron published an advisory that describes an improper restriction of an XML external entity reference vulnerability in their NB-series NX-Designer.

Phoenix Contact Advisory #1 - Phoenix Contact published an advisory that describes an incorrect permission assignment for critical resource vulnerability in their CHARX-SEC3xxx Charge controllers.

Phoenix Contact Advisory #2 - Phoenix Contact published an advisory that discusses an observable discrepancy vulnerability (with publicly available exploit) in their ESL Stick USB-A.

Schneider Advisory #1 - Schneider published an advisory that describes an incorrect calculation of buffer size vulnerability in their Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC.

Schneider Advisory #2 - Schneider published an advisory that describes an improper enforcement of message integrity in a communication channel vulnerability in their Pro-face GP-Pro EX and Remote HMI.

Schneider Advisory #3 - Schneider published an advisory that discusses an out-of-bounds write vulnerability in their Modicon 580 and Modicon Quantum communications modules.

Schneider Advisory #4 - Schneider published an advisory that describes an improper restriction of XML external entity reference in their Web Designer for Modicon Communication Modules.

Schneider Advisory #5 - Schneider published an advisory that describes an exposure of sensitive information to an unauthorized actor vulnerability in their Web Server on Modicon M340.

Schneider Advisory #6 - Schneider published an advisory that describes a deserialization of untrusted data vulnerability in their RemoteConnect and SCADAPack x70 Utilities.

Schneider Advisory #7 - Schneider published an advisory that discusses an uncontrolled search path element vulnerability in multiple Schneider products using FlexNet Publisher.

Schneider Advisory #8 - Schneider published an advisory that describes two vulnerabilities in their PowerLogic HDPM6000 High-Density Metering System.

Schneider Advisory #9 - Schneider published an advisory that describes an improper restriction of operations within the bounds of a memory buffer vulnerability in their EcoStruxure Power Build Rapsody.

Splunk Advisory #1 - Splunk published an advisory that describes a regular expression denial-of-service vulnerability in their Splunk Supporting Add-on for Active Directory (SA-ldapsearch).

Splunk Advisory #2 - Splunk published an advisory that describes an improper privilege management vulnerability in their Splunk App for SOAR.

Zyxel Advisory - Zyxel published an advisory that describes an improper privilege management vulnerability in their APs and security router devices.

Updates

FortiGuard Update #1 -FortiGuard published an update for their buffer overflow advisory that was originally published on May 14^th, 2024, and most recently updated on June 19^th, 2024.

FortiGuard Update #2 - FortiGuard published an update for their HTTP2 Rapid Reset advisory that was originally published on February 8^th, 2024, and most recently updated on June 19^th, 2024.

FortiGuard Update #3 - FortiGuard published an update for their out-of-bounds write advisory that was originally published on February 8^th, 2024, and most recently updated on February 23^rd, 2025.

FortiGuard Update #4 - FortiGuard published an update for their path traversal advisory that was originally published on October 10^th, 2023.

HP Update #1 - HP published an update for their Intel 2024.3 IPU advisory that was originally published on October 18^th, 2024.

HP Update #2 - HP published an update for their Intel 2024.3 IPU advisory that was originally published on October 17^th, 2024.

Mitsubishi Update - Mitsubishi published an update for their GENESIS64TM and MC Works64 advisory that was originally published on November 28^th, 2025.

Moxa Update - Moxa published an update for their Cellular Routers advisory that was originally published on January 15^th, 2025, and most recently updated on January 10^th, 2025.

Schneider Update - Schneider published an update for their BadAlloc advisory that was originally published on November 9^th, 2021, and most recently updated on November 12^th, 2024.

 

For more information on these disclosures, including links to 3^rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-c2c - subscription required.