Sunday, April 27, 2025

Review – Public ICS Disclosures – Week of 4-19-25 – Part 2

For Part 2 we have two additional vendor disclosures from Trumpf and Zyxel. There are five vendor updates from FortiGuard (2), HPE, Palo Alto Networks, and Rockwell Automation. There are six researcher reports for products from SonicWall and MedDream (5). Finally, we have an exploit for products from OpenSSH.

Advisories

Trumpf Advisory - CERT-VDE published an advisory that discusses an improper restriction of XML external entity reference vulnerability in multiple Trumpf products.

Zyxel Advisory - Zyxel published an advisory that describes two vulnerabilities in their USG FLEX H series firewalls.

Updates

FortiGuard Update #1 - FortiGuard published an update for their RADIUS Protocol advisory that was originally published on August 13th, 2024, and most recently updated on March 14th, 2025.

FortiGuard Update #2 - FortiGuard published an update for their fgfm connection advisory that was originally published on April 8th, 2025, and most recently updated on April 11th, 2025.

HPE Update - HPE published an update for their Cray Data Virtualization Service advisory that was originally published on April 18th, 2025.

Palo Alto Networks Update - Palo Alto Networks published an update for their GlobalProtect App advisory that was originally published on April 9th, 2025, and most recently updated on April 11th, 2025.

Rockwell Update - Rockwell published an update for their ThinManager advisory that was originally published on April 15th, 2025.

Researcher Reports

SonicWall Report - Bishop Fox published a report on a NULL pointer dereference vulnerability in the SonicWall SonicOS product.

MedDream Reports - ZDI published five reports describing individual vulnerabilities in the MedDream PACS Server.

Exploits

OpenSSH Exploit - Milad Karimi published an exploit for a race condition vulnerability in the OpenSSH server.


For more information on these disclosures, including links to exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-d2e - subscription required.
