This week we have 14 vendor disclosures from ads-tech, Broadcom, Delta Electronics, GE Vernova (2), HP, HPE (2), Philips, Rockwell Automation, SEL (3), and WAGO. There are two vendor updates from Broadcom and Siemens. We also have three researcher reports for vulnerabilities in products from Eclipse. Finally, we have two exploits for products from Ruckus and FortiGuard.
Advisories
Ads-tech Advisory - CERT-VDE published an advisory that discusses three vulnerabilities (two with publicly available exploits) in the ads-tech IRF products.
Broadcom Advisory - Broadcom published an advisory that describes an input validation vulnerability in multiple Brocade products.
Delta Advisory - Delta published an advisory that describes three vulnerabilities in their ISPsoft product.
GE Advisory #1 - GE Vernova published an advisory that discusses four vulnerabilities in their NetworkST4 devices and Remote Operations Offering products.
GE Advisory #2 - GE Vernova published an advisory that discusses three vulnerabilities (all three listed in CISA’s KEV catalog) in unspecified GE products.
HP Advisory - HP published an advisory that describes a link following vulnerability in their Touchpoint Analytics Service.
HPE Advisory #1 - HPE published an advisory that describes an unauthorized access vulnerability in their Performance Cluster Manager.
HPE Advisory #2 - HPE published an advisory that describes an unauthorized access vulnerability in their Cray Data Virtualization Service.
Philips Advisory - Philips published an advisory that discusses a use after free vulnerability (with publicly available exploit) in multiple Philips products.
Rockwell Advisory - Rockwell published an advisory that describes two vulnerabilities in their ThinManager product.
SEL Advisory #1 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5032 acSELerator Architect Software.
SEL Advisory #2 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5702 Synchrowave Operations product.
SEL Advisory #3 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5231 SEL Configuration API.
WAGO Advisory - CERT-VDE published an advisory that discusses the Year 2038 problem.
Updates
Broadcom Update - Broadcom published an update for their Fabric OS advisory that was originally published on September 26th, 2034, and most recently updated on February 27th, 2025.
Siemens Update - Siemens published an update for their Industrial Edge Device Kit advisory that was originally published on April 8th, 2025.
Researcher Reports
Eclipse Reports - Cisco Talos published three reports about individual vulnerabilities in the Eclipse ThreadX NetX Duo HTTP server.
Exploits
Ruckus Exploit - Korelogic published an exploit for an undocumented backdoor vulnerability in the Ruckus IoT Controller.
FortiGuard Exploit - Zach Hanley published a Metasploit module for an improper authentication vulnerability (listed in CISA’s KEV catalog) in multiple FortiGuard products.
For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-971 - subscription required.