Sunday, March 8, 2026

Review – Public ICS Disclosures – Week of 2-28-26 – Part 2

For Part 2 we have five additional vendor updates from FortiGuard (2), GE Vernova, HPE, and VMware. There are 12 researcher reports about vulnerabilities in products from Biosig Project (3), Honeywell, and Philips (8). Finally, we have six exploits for products from Honeywell, Splunk, WatchGuard, and Wireshark (3).

Updates

FortiGuard Update #1 - FortiGuard published an update for their OpenSSL advisory that was originally published on January 30th, 2026, and most recently updated on February 25th, 2026.

FortiGuard Update #2 - FortiGuard published an update for their SSL-VPN bookmarks advisory that was originally published on October 14th, 2025.

GE Vernova Update - GE published an update for their Universal Relay advisory that was originally published on December 14th, 2025.

HPE Update - HPE published an update for their Aruba Networking EdgeConnect SD-WAN Orchestrator advisory that was originally published on January 14th, 2026, and most recently updated on February 10th, 2026.

VMware Update - Broadcom published an update for the VMware Aria Operations advisory that was originally published on February 24th, 2026.

Researcher Reports

Biosig Reports - Cisco Talos published three reports about vulnerabilities in the Biosig Project libbiosig library.

Honeywell Report - Zero Science published a report that describes an improper authentication for critical function vulnerability (with publicly available exploit) in the Honeywell Trend IQ4 building controller.

Philips Reports - ZDI published eight reports of vulnerabilities in the Philips Hue Bridge product that were disclosed in a recent Pwn2Own contest.

Exploits

Honeywell Exploit - Indoushka published a Metasploit module for an improper authentication for critical function vulnerability in the Honeywell Trend IQ4 product.

Splunk Exploit - Indoushka published an exploit for a function call with incorrectly specified argument value vulnerability in the Splunk Enterprise product.

WatchGuard Exploit - WatchTowr published an exploit for an out-of-bounds write vulnerability in the WatchGuard Fireware OS product.

Wireshark Exploit #1 - Indoushka published an exploit for an allocation of resources without limit or throttling vulnerability in the Wireshark USB HID Protocol Dissector.

Wireshark Exploit #2 - Indoushka published an exploit for a buffer overread vulnerability in the Wireshark Dissector product.

Wireshark Exploit #3 - Indoushka published an exploit for a NULL pointer dereference vulnerability in the Wireshark Dissector product.

 

For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-bb7 - subscription required.
