For Part 1 this week we have 11 vendor disclosures from ABB (3), Bosch, Broadcom, Dassault Systems (2), HPE, Philips, and Sick (2).
Advisories
ABB Advisory #1 - ABB published an advisory that describes three vulnerabilities in their ABB Network Card.
ABB Advisory #2 - ABB published an advisory that describes two vulnerabilities in their Automation Builder product.
ABB Advisory #3 - ABB published an advisory that discusses an access of uninitialized pointer vulnerability in their Ekip Com IEC61850 product.
Bosch Advisory - Bosch published an advisory that describes 15 vulnerabilities (with publicly available exploits) in their Rexroth AG ctrlX OS products.
Broadcom Advisory - Broadcom published an advisory that discusses two vulnerabilities in multiple Brocade products.
Dassault Systems Advisory #1 - Dassault Systems published an advisory that describes a use-after-free vulnerability in their SOLIDWORKS eDrawings.
Dassault Systems Advisory #2 - Dassault Systems published an advisory that describes an out-of-bounds write vulnerability in their SOLIDWORKS eDrawings application.
HPE Advisory - HPE published an advisory that discusses a heap-based buffer overflow vulnerability in their Superdome Flex, Superdome Flex 280, and Compute Scale-up Server 3200 products.
Philips Advisory - Philips published an advisory that discusses the SAP NetWeaver vulnerability.
Sick Advisory #1 - Sick published an advisory that describes two vulnerabilities in their Flexi Compact products.
Sick Advisory #2 - Sick published an advisory that describes 23 vulnerabilities in their picoScan and multiScan products.
For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-a52 - subscription required.