Review – Public ICS Disclosures – Week of 3-8-25 – Part 1

This week we have 26 vendor disclosures from ABB, FortiGuard (9) HP (3), HPE (5), KeyShot, Palo Alto Networks (6), and Schneider. More in Part 2, but no Part 3 this month.

Advisories

ABB Advisory - ABB published an advisory that discusses a prototype pollution vulnerability (with publicly available exploit) in their RMC-100 with REST interface.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes an SQL injection vulnerability in their FortiAnalyzer, FortiManager, and FortiAnalyzer-BigData products.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes a client-side enforcement of server-side security vulnerability in their FortiSandbox product.

FortiGuard Advisory #3 - FortiGuard published an advisory that describes an incorrect authorization vulnerability in their FortiSandbox product.

FortiGuard Advisory #4 - FortiGuard published an advisory that describes a use of externally-controlled format string vulnerability (with publicly available exploit) in multiple FortiGuard products.

FortiGuard Advisory #5 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiSandbox product.

FortiGuard Advisory #6 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiManager CLI.

FortiGuard Advisory #7 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiSandbox product.

FortiGuard Advisory #8 - FortiGuard published an advisory that describes the use of a hard-coded cryptographic key vulnerability in their FortiSandbox product.

FortiGuard Advisory #9 - FortiGuard published an advisory that describes an SQL injection vulnerability in their FortiSandbox product.

HP Advisory #1 - HP published an advisory that discusses seven vulnerabilities in multiple HP products.

HP Advisory #2 - HP published an advisory that discusses eleven vulnerabilities in multiple HP products.

HP Advisory #3 - HP published an advisory that discusses three vulnerabilities in multiple HP products.

HPE Advisory #1 - HPE published an advisory that discusses two vulnerabilities (one with publicly available exploit) in their ProLiant DL/XL Servers.

HPE Advisory #2 - HPE published an advisory that discusses two vulnerabilities in their ProLiant DX Servers.

HPE Advisory #3 - HPE published an advisory that describes an authentication bypass vulnerability in their Cray XD670 Server.

HPE Advisory #4 - HPE published an advisory that discusses two vulnerabilities (one with publicly available exploits) in their Cray Servers.

HPE Advisory #5 - HPE published an advisory that discusses an improper input validation vulnerability in their Cray Servers.

KeyShot Advisory - KeyShot published an advisory that describes three vulnerabilities in their Studio product.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes an exposed unsafe ActiveX method vulnerability in their GlobalProtect App.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a reliance on untrusted inputs in a security decision vulnerability in their GlobalProtect App.

Palo Alto Networks Advisory #3 - Palo Alto Networks published an advisory that describes an improper check for unusual or exceptional conditions vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #4 - Palo Alto Networks published an advisory that describes an improper resolution of path equivalence vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #5 - Palo Alto Networks published an advisory that describes an uncontrolled resource consumption vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #6 - Palo Alto Networks published an advisory that discusses 16 vulnerabilities in their Prisma Access Browser.

Schneider Advisory #1 - Schneider published an advisory that describes an insertion of sensitive information into a log file vulnerability in their EcoStruxure Panel Server.

Schneider Advisory #2 - Schneider published an advisory that describes an improper authentication vulnerability in their EcoStruxure™ Power Automation System User Interface products.

Schneider Advisory #3 - Schneider published an advisory that describes an insecure default initialization of a resource vulnerability in their EcoStruxure Power Automation System User Interface and EcoStruxure Microgrid Operation Large products.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-90e - subscription required.