Review – Public ICS Disclosures – Week of 4-5-25 – Part 3

For Part 3 we have 23 vendor updates from Dell, FortiGuard, HP, Schneider (4), and Siemens (16). There are five researcher reports for vulnerabilities in products from MedDream. Finally, we have two exploits for products from HMS and Palo Alto Networks.

Updates

Dell Update - Dell published an update for their ThinOS advisory that was originally published on March 4^th, 2025, and most recently updated on March 18^th, 2025.

FortiGuard Update - FortiGuard published an update for their ipsec ike advisory that was originally published on January 14^th, 2025.

HP Update - HP published an update for their PC BIOS advisory that was originally published on October 24^th, 2024.

Schneider Update #1 - Schneider published an update for their Modicon M580 PLCs advisory that was originally published on January 14^th, 2025.

Schneider Update #2 - Schneider published an update for their VxWorks DHCP server advisory that was originally published on January 14^th, 2025.

Schneider Update #3 - Schneider published an update for their Modicon Controllers M340 advisory that was originally published on November 12^th, 2024.

Schneider Update #4 - Schneider published an update for their BadAlloc Vulnerabilities advisory that was originally published on November 9^th, 2021, and most recently updated on January 14^th, 2025.

Siemens Update #1 - Siemens published an update for their FTP Server of Nucleus RTOS advisory that was originally published on October 11^th, 2022, and most recently updated on May 14^th, 2024.

Siemens Update #2 - Siemens published an update for their Frame Aggregation advisory that was originally published on July 13^th, 2021, and most recently updated on April 12^th, 2022.

Siemens Update #3 - Siemens published an update for their SIMATIC S7-1500 advisory that was originally published on October 8^th, 2024, and most recently updated on March 11^th, 2025.

Siemens Update #4 - Siemens published an update for their Fortigate NGFW advisory that was originally published on February 11^th, 2025, and most recently update on March 11^th, 2025. Includes adding a new vulnerability with publicly available exploits.

Siemens Update #5 - Siemens published an update for their SIPROTEC 5 Devices advisory that was originally published on February 11^th, 2025, and most recently updated on March 11^th, 2025.

Siemens Update #6 - Siemens published an update for their Fortigate NGFW advisory that was originally published on July 9^th, 2024, and most recently updated on February 11^th, 2025.

Siemens Update #7 - Siemens published an update for their Siemens Industrial Products advisory that was originally published on February 14^th, 2023, and most recently updated on August 13^th, 2024.

Siemens Update #8 - Siemens published an update for their SIMATIC S7-1500 TM MFP advisory that was originally published on March 11^th, 2025.

Siemens Update #9 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on December 12^th, 2023, and most recently update on March 11^th, 2025.

Siemens Update #10 - Siemens published an update for their SIMATIC IPC DiagBase advisory that was originally published on February 11^th, 2025.

Siemens Update #11 - Siemens published an update for their Palo Alto Networks Virtual NGFW advisory that was originally published on July 9^th, 2024, and most recently updated on December 10^th, 2024.

Siemens Update #12 - Siemens published an update for their Palo Alto Networks PAN-OS advisory that was originally published on November 22^nd, 2024, and most recently updated on February 19^th, 2025.

Siemens Update #13 - Siemens published an update for their Insyde BIOS advisory that was originally published on February 22^nd, 2022, and most recently updated on November 14^th, 2023.

Siemens Update #14 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on March 9^th, 2024, and most recently updated on November 12^th, 2024. – Includes adding vulnerability that is listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog.

Siemens Update #15 - Siemens published an update for their Webserver of SIMATIC Products advisory that was originally published on February 11^th, 2025, and most recently updated on March 11^th, 2025.

Siemens Update #16 - Siemens published an update for their Web Server of SIMATIC S7-1500 CPUs advisory that was originally published on October 8^th, 2024, and most recently updated on March 11^th, 2025.

Researcher Reports

MedDream Reports - ZDI published five reports describing individual vulnerabilities in the MedDream PACS Server. The

Exploits

HMS Exploit - CodeB0ss published an exploit for an OS command injection vulnerability in the HMS Cosy+ devices.

Palo Alto Networks Exploit - ByteHunter published an exploit for a missing authentication for critical function vulnerability in the Palo Alto Networks Expedition product.

 

For more information about these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-741 - subscription required.