For Part 2 this week we have three additional vendor disclosures from WAGO and Westermo (2). We also have four vendor updates from Dell (2), FortiGuard, and Moxa. There are three researcher reports of vulnerabilities in products from Geutebruck and Ilevia (2). Finally, we have an exploit for products from WatchGuard.
Advisories
WAGO Advisory - CERT-VDE
published an advisory
that discusses three vulnerabilities in multiple WAGO products.
Westermo Advisory #1 - Westermo published an
advisory that describes a path traversal vulnerability in their WeOS5 operating
system.
Westermo Advisory #2 - Westermo published an advisory that describes a command injection vulnerability in their WeOS 5 operating system.
Vendor Updates
Dell Update #1 - Dell published an
update for their EMC Ruckus Wireless Controller advisory that was
originally published on December 17th, 2021.
Dell Update #2 - Dell published an
update for their Windows IoT Enterprise LTSC advisory that was originally
published on October 31st, 2025.
FortiGuard Update -
FortiGuard published an update for their cw_stad daemon advisory that was
originally published on July 8th, 2025.
Moxa Update - Moxa published an update for their Diffie-Hellman Key Exchange advisory that was originally published on June 2nd, 2025.
Researcher Reports
Geutebruck Report -
Black Lantern Security published a
report about an SQL injection vulnerability in the Geutebruck G-Cam Series
Cameras.
Ilevia Reports - Zero Science published three reports about vulnerabilities in the Ilevia EVE X1/X5 Server.
Exploits
WatchGuard Exploit - Chanakya Neelarapu and Mark Gibson published an exploit for a use of default credentials vulnerability in the Watch Guard Firebox devices.For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-42e - subscription required.
Posts
No comments:
Post a Comment