Saturday, March 15, 2025

Review – Public ICS Disclosures – Week of 3-8-25 – Part 1

This week we have 26 vendor disclosures from ABB, FortiGuard (9) HP (3), HPE (5), KeyShot, Palo Alto Networks (6), and Schneider. More in Part 2, but no Part 3 this month.

Advisories

ABB Advisory - ABB published an advisory that discusses a prototype pollution vulnerability (with publicly available exploit) in their RMC-100 with REST interface.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes an SQL injection vulnerability in their FortiAnalyzer, FortiManager, and FortiAnalyzer-BigData products.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes a client-side enforcement of server-side security vulnerability in their FortiSandbox product.

FortiGuard Advisory #3 - FortiGuard published an advisory that describes an incorrect authorization vulnerability in their FortiSandbox product.

FortiGuard Advisory #4 - FortiGuard published an advisory that describes a use of externally-controlled format string vulnerability (with publicly available exploit) in multiple FortiGuard products.

FortiGuard Advisory #5 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiSandbox product.

FortiGuard Advisory #6 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiManager CLI.

FortiGuard Advisory #7 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiSandbox product.

FortiGuard Advisory #8 - FortiGuard published an advisory that describes the use of a hard-coded cryptographic key vulnerability in their FortiSandbox product.

FortiGuard Advisory #9 - FortiGuard published an advisory that describes an SQL injection vulnerability in their FortiSandbox product.

HP Advisory #1 - HP published an advisory that discusses seven vulnerabilities in multiple HP products.

HP Advisory #2 - HP published an advisory that discusses eleven vulnerabilities in multiple HP products.

HP Advisory #3 - HP published an advisory that discusses three vulnerabilities in multiple HP products.

HPE Advisory #1 - HPE published an advisory that discusses two vulnerabilities (one with publicly available exploit) in their ProLiant DL/XL Servers.

HPE Advisory #2 - HPE published an advisory that discusses two vulnerabilities in their ProLiant DX Servers.

HPE Advisory #3 - HPE published an advisory that describes an authentication bypass vulnerability in their Cray XD670 Server.

HPE Advisory #4 - HPE published an advisory that discusses two vulnerabilities (one with publicly available exploits) in their Cray Servers.

HPE Advisory #5 - HPE published an advisory that discusses an improper input validation vulnerability in their Cray Servers.

KeyShot Advisory - KeyShot published an advisory that describes three vulnerabilities in their Studio product.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes an exposed unsafe ActiveX method vulnerability in their GlobalProtect App.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a reliance on untrusted inputs in a security decision vulnerability in their GlobalProtect App.

Palo Alto Networks Advisory #3 - Palo Alto Networks published an advisory that describes an improper check for unusual or exceptional conditions vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #4 - Palo Alto Networks published an advisory that describes an improper resolution of path equivalence vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #5 - Palo Alto Networks published an advisory that describes an uncontrolled resource consumption vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #6 - Palo Alto Networks published an advisory that discusses 16 vulnerabilities in their Prisma Access Browser.

Schneider Advisory #1 - Schneider published an advisory that describes an insertion of sensitive information into a log file vulnerability in their EcoStruxure Panel Server.

Schneider Advisory #2 - Schneider published an advisory that describes an improper authentication vulnerability in their EcoStruxure™ Power Automation System User Interface products.

Schneider Advisory #3 - Schneider published an advisory that describes an insecure default initialization of a resource vulnerability in their EcoStruxure Power Automation System User Interface and EcoStruxure Microgrid Operation Large products.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-90e - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */