Review – Public ICS Disclosures – Week of 3-8-25 – Part 2

For Part 2 we have three additional vendor disclosures from SEL, Sick, and Zyxel. There are also 21 vendor updates for products from Broadcom, HP, HPE, Schneider (2), and Siemens (16). Finally, we have six exploits for vulnerabilities in products from ABB (2), Foundstone, GE, WinTr, and Yokogawa.

Advisories

SEL Advisory - SEL published an update notice for their SEL-5032 acSELerator Architect Software that included a cybersecurity enhancement.

Sick Advisory - Sick published an advisory that describes three vulnerabilities in their SICK DL100-2xxxxxxx.

Zyxel Advisory - Zyxel published an advisory that describes three OS command injection vulnerabilities in multiple Zyxel product lines.

Updates

Broadcom Update - Broadcom published an update for their Brocade ASCG Vulnerability advisory that was originally published on January 7^th, 2025, and most recently updated on February 27^th, 2025.

HP Update - HP published an update for their HP LaserJet Pro advisory that was originally published on February 14^th, 2025.

HPE Update - HPE published an update for their Aruba Networking Access Points advisory that was originally published on August 3^rd, 2024, and most recently updated on August 15^th, 2024.

Schneider Update #1 - Schneider published an update for their Modicon M241 advisory that was originally published on December 10^th, 2024.

Schneider Update #2 - Schneider published an update for their EcoStruxure Power Monitoring Expert advisory that was originally published on October 8^th, 2024.

Siemens Update #1 - Siemens published an update for their User Management Component advisory that was originally published on December 16^th, 2024.

Siemens Update #2 - Siemens published an update for their n SIMATIC S7-1500 advisory that was originally published on October 8^th, 2024, and most recently updated on January 14^th, 2025.

Siemens Update #3 - Siemens published an update for their Fortigate NGFW advisory that was originally published on March 12^th, 2024, and most recently updated on February 11^th, 2025.

Siemens Update #4 - Siemens published an update for their Fortigate NGFW advisory that was originally published on February 11^th, 2025.

Siemens Update #5 - Siemens published an update for their SIPROTEC 5 advisory that was originally published on February 11^th, 2025.

Siemens Update #6 - Siemens published an update for their Radius Protocol advisory that was originally published on July 9^th, 2024, and most recently updated on January 14^th, 2025.

Siemens Update #7 - Siemens published an update for their Radius Protocol advisory that was originally published on July 9^th, 2024, and most recently updated on January 14^th, 2025.

Siemens Update #8 - Siemens published an update for their SegmentSmack advisory that was originally published on April 14^th, 2020, and most recently updated on January 14^th, 2025.

Siemens Update #9 - Siemens published an update for their DHCP Client advisory that was originally published on November 12^th, 2019, and most recently updated on February 13^th, 2024.

Siemens Update #10 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on December 12^th, 2022, and most recently updated February 11^th, 2025.

Siemens Update #11 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on April 9^th, 2024, and most recently updated on February 11^th, 2025.

Siemens Update #12 - Siemens published an update for their Nucleus RTOS advisory that was originally published on April 13^th, 2021, and most recently updated on February 13^th, 2023.

Siemens Update #13 - Siemens published an update for their SIMATIC Products Webserver advisory that was originally published on February 11^th, 2025.

Siemens Update #14 - Siemens published an update for their SIPROTEC 5 Webserver advisory that was originally published on January 14^th, 2025, and most recently updated on February 11^th, 2025.

Siemens Update #15 - Siemens published an update for their SIMATIC S7-1500 CPUs Webserver advisory that was originally published on October 8^th, 2024, and most recently updated on January 14^th, 2025.

Siemens Update #16 - Siemens published an update for their User Management Component advisory that was originally published on September 10^th, 2024, and most updated on January 14^th, 2025.

Exploits

ABB Exploit #1 - Indoushka published an exploit for two vulnerabilities in the ABB AC500.

ABB Exploit #2 - Indoushka published an exploit for a shell upload vulnerability in the ABB Cylon Aspect.

Foundstone Exploit - Ahmet Ümit Bayram published an exploit for a buffer overflow vulnerability in the Foundstone SuperScan product.

GE Proficy Exploit - Indoushka published an exploit for a directory traversal vulnerability in the GE Proficy Cimplicity 7 product.

VMware Exploit - Indoushka published an exploit for an ASP.NET misconfiguration: use of identity impersonation vulnerability in the VMware vCenter Server product.

WinTR Exploit - Ahmet Ümit Bayram published an exploit for a command injection vulnerability in the WinTR Scada product.

Yokogawa Exploit - Indoushka published an exploit for an improper restriction of operation within the bounds of a memory buffer vulnerability in the Yokogawa CENTUM CS 3000.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-fdf - subscription required.