Review – Public ICS Disclosures – Week of 10-25-25

This week we have bulk vendor disclosures from HP (6). We have 11 additional vendor disclosures from Circutor, Hitachi Energy, HPE, Moxa, Philips, QNAP, Ruckus, Sick (2), Supermicro, and WatchGuard. There are bulk updates from HP (6). We have six additional vendor updates from ABB, Hitachi Energy, and Moxa (4). Finally, we have a researcher report of a vulnerability in products from MPDV Mikrolab.

Bulk Disclosures – HP

• HP Client Management Script Library – Security Update,

• AMD Graphics August 2025 Security Update,

• HP Card Readers (B Models) – Potential Information Disclosure,

• NVIDIA GPU Display Driver October 2025 Security Update,

• Intel Xeon Processor Firmware August 2025 Security Update,

• HP ThinPro 8.1 SP8 Security Updates.

Advisories

Circutor Advisory - INCIBE-CERT published an advisory that describes 12 vulnerabilities in the Circutor SGE-PLC100 and SGE-PLC50 concentrators.

Hitachi Energy Advisory - Hitachi Energy published an advisory that discusses the BlastRadius-Fail vulnerability.

HPE Advisory - HPE published an advisory that describes seven vulnerabilities in their Private Cloud AI product.

Moxa Advisory - Moxa published an advisory that discusses an inadequate encryption strength vulnerability in multiple Moxa product lines.

Philips Advisory - Philips published an advisory that discusses a Windows remote code execution vulnerability that is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

QNAP Advisory - QNAP published an advisory that discusses an HTTP request/response smuggling vulnerability (with publicly available exploit) in their NetBak PC Agent.

Ruckus Advisory - Ruckus published an advisory that describes “a number of vulnerabilities in access control and privilege escalation” in their RUCKUS Network Director.

Sick Advisory #1 - Sick published an advisory that discusses an inclusion of functionality from untrusted control sphere vulnerability (listed in CISA’s KEV and has publicly available exploit) in their SID products.

Sick Advisory #2 - Sick published an advisory that describes six vulnerabilities in their TLOC100-100 product.

Supermicro Advisory - Supermicro published an advisory that discusses an improper handling of insufficient entropy vulnerability in multiple Supermicro products.

WatchGuard Advisory - WatchGuard published an advisory that describes a command injection vulnerability in their Mobile VPN product.

Bulk Updates – HP

• Intel Rapid Storage Technology Software August 2025 Security Update,

• HP Hotkey Support – Escalation of Privilege,

• NVIDIA GPU Display Driver January 2025 Security Update,

• NVIDIA GPU Display Driver July 2025 Security Update,

• Intel System Security Report and System Resources Defense, and

• Intel Graphics Software August 2025 Security Update

Updates

ABB Update - ABB published an update for their Terra AC wallbox advisory that was originally published on September 16^th, 2025, and most recently updated on October 9^th, 2025.

Hitachi Energy Update - Hitachi Energy published an update for their Asset Suite advisory that was originally published on September 30^th, 2025.

Moxa Update #1 - Moxa published an update for their Ethernet Switch advisory that was originally published on October 23^rd, 2025.

Moxa Update #2 - Moxa published an update for their Secure Routers advisory that was originally published on April 2^nd, 2025, and most recently updated on May 5^th, 2025.

Moxa Update #3 - Moxa published an update for their Secure Routers advisory that was originally published on April 2^nd, 2025.

Moxa Update #4 - Moxa published an update for their ICMP Timestamp advisory that was originally published on October 21^st, 2025.

Researcher Reports

MPDV Mikrolab Report - SEC Consult published a report that describes a path traversal vulnerability in the MPDV MIP 2, FEDRA 2, and HYDRA X Manufacturing Execution Systems.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-0e8 - subscription required.