This week we have bulk disclosures from FortiGuard (6). We have 11 additional vendor disclosures from ABB, Bosch (4), HPE (4), Mitsubishi, and Philips.
Bulk Disclosures - FortiGuard
• Stack buffer overflow in CAPWAP daemon,
• Stack buffer overflow in CAPWAP daemon,
• Authenticated CLI Commands Buffer Overflow,
• Credential leakage through debug commands,
• File scan result bypass, and
• Trusted hosts bypass via SSH.
Advisories
ABB Advisory - ABB published an advisory that describes an authentication bypass using alternate path or channel vulnerability in their Edgenius Management Portal.
Bosch Advisory #1 - Bosch published an advisory that discusses two vulnerabilities (one with a publicly available exploit) in their MAP 5000 family.
Bosch Advisory #2 - Bosch published an advisory that describes an inadequate encryption strength vulnerability in their MAP 5000 panel.
Bosch Advisory #3 - Bosch published an advisory that discusses a double free vulnerability in their MAP 5000 family.
Bosch Advisory #4 - Bosch published an advisory that describes a use of a broken or risky cryptographic algorithm vulnerability in their MAP 5000 family.
HPE Advisory #1 - HPE published an advisory that discusses three vulnerabilities in their Telco Service Activator.
HPE Advisory #2 - HPE published an advisory that discusses an improper isolation or compartmentalization vulnerability in their Compute Scale-up Server 3200 Platform Servers.
HPE Advisory #3 - HPE published an advisory that describes seven vulnerabilities (five with publicly available exploits) in their Aruba Networking Management Software (AirWave).
HPE Advisory #4 - HPE published an advisory that discusses 13 vulnerabilities (six with publicly available exploits) in their Aruba Networking AOS-CX.
Mitsubishi Advisory - Mitsubishi published an advisory that describes an uncontrolled search path element vulnerability in their MILCO.S lighting control system.
Philips Advisory - Philips published an advisory that discusses a Microsoft double free vulnerability that is listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog.