Monday, March 10, 2025

Review – Public ICS Disclosures – Week of 3-1-25 – Part 2

For Part 2 we have four additional vendor disclosures from Dell, WAGO, and Weidmueller (2). There are also two updates from Cisco and FortiGuard. We have seven researcher reports for vulnerabilities in products from ABB, Delta Electronics (3), and HP (3). Finally, we have four exploits for products from Advantech (2), ControlID, and HP.

Advisories

Dell Advisory - Dell published an advisory that discusses 64 vulnerabilities in their ThinOS product line.

WAGO Advisory - CERT-VDE published an advisory that describes an unchecked return value vulnerability in multiple WAGO products.

Weidmueller Advisory #1 - CERT-VDE published an advisory that discusses a Sweet32 vulnerability in multiple Weidmueller ethernet switches.

Weidmueller Advisory #2 - CERT-VDE published an advisory that describes a use of hard-coded credentials vulnerability in Weidmueller PROCON-WIN product.

Updates

Cisco Update - Cisco published an update for their small business routers advisory that was originally published on January 11th, 2023, and most recently updated on March 14th, 2023.

FortiGuard Update - FortiGuard published an update for their RADIUS Protocol advisory that was originally published on August 13th, 2024, and most recently updated on January 14th, 2025.

Researcher Reports

ABB Report - Zero Science published a report that describes a security bypass vulnerability (with publicly available exploit) in the ABB Cylon Aspect building energy management program.

Delta Researcher Reports - ZDI published three reports about vulnerabilities in the Delta ISPSoft product.

HP Researcher Reports - ZDI published three reports about vulnerabilities in the HP LaserJet Pro MFP 3301fdw.

Exploits

Advantech Exploit #1 - Indoushka published an exploit for an SQL injection vulnerability in the Advantech WebAccess product.

Advantech Exploit #2 - Indoushka published an exploit for an improper input validation vulnerability in the Advantech DIAEnergie product.

ControlID Exploit - Indoushka published an exploit for an improper authentication vulnerability in the ControlID iDSecure product.

HP Exploit - Indoushka published an exploit for a shell upload vulnerability in the HP Intelligent Management Center.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-a8f - subscription required.

Posted by at
Labels: , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */