For Part 2 we have seven additional vendor disclosures from Rockwell, Schneider (2), Splunk (3), and Supermicro. We have a bulk update from Siemens (18). There are five additional vendor updates from Dell and Schneider (4). Finally, we have two researcher reports about vulnerabilities in products from Ilevia and QNAP.
Advisories
Rockwell Advisory - Rockwell published an advisory that describes a stack-based buffer overflow vulnerability in their Arena Simulation product.
Schneider Advisory #1 - Schneider published an advisory that describes three vulnerabilities in their PowerChute Serial Shutdown product.
Schneider Advisory #2 - Schneider published an advisory that discusses a use of broken or risky cryptographic algorithm vulnerability in their EcoStruxure Machine SCADA Expert and Pro-face BLUE Open Studio products.
Splunk Advisory #1 - Splunk published an advisory that discusses a stack-based buffer overflow vulnerability in their Enterprise product.
Splunk Advisory #2 - Splunk published an advisory that describes an exposure of sensitive information to an unauthorized actor vulnerability in their Enterprise product.
Splunk Advisory #3 - Splunk published an advisory that describes an open redirect vulnerability in their Enterprise product.
Supermicro Advisory - Supermicro published an advisory that discusses a stale translation lookaside buffer (TLB) entry vulnerability in multiple Supermicro products.
Bulk Updates – Siemens
• Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices,
• Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices,
• Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices,
• Weak Encryption Vulnerability in SIPROTEC 5 Devices,
• Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module,
• Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products,
• Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices,
• Accessible Development Shell via Physical Interface in SIPROTEC 5,
• Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6,
• Denial of Service Vulnerability in SIPROTEC 5 Devices #1,
• Denial of Service Vulnerability in SIPROTEC 5 Devices #2,
• Client-Side Enforcement of Server-Side Security Vulnerabilities in RUGGEDCOM ROX II,
• DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery,
• Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3,
• Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs, and
• Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5.
Updates
Dell Update - Dell published an update for their ThinOS 10 advisory that was originally published on October 21st, 2025.
Schneider Update #1 - Schneider published an update for their CODESYS Runtime advisory that was originally published on July 11th, 2023, and most recently updated on August 12th, 2025.
Schneider Update #2 - Schneider published an update for their Saitel DR advisory that was originally published on August 12th, 2025.
Schneider Update #3 - Schneider published an update for their EcoStruxure Power Monitoring Expert advisory that was originally published on August 12th, 2025, and most recently updated on October 14th, 2025.
Schneider Update #4 - Schneider published an update for their FlexNet Publisher advisory that was originally published on January 14th, 2025, and most recently updated on October 14th, 2025.
Researcher Reports
Ilevia Report - Zero Science published a report describing an OS command injection vulnerability (with publicly available exploit) in the Ilevia EVE X1 Server.
QNAP Report - VulnCheck reports that they have added an exposure of sensitive information to an unauthorized actor vulnerability in the QNAP Photo Station product to the VulnCheck KEV list.
For more information on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-ddc - subscription required.