Review – Public ICS Disclosures – Week of 3-28-26 – Part 2

 For Part 2 we have six additional vendor disclosures from Dell, WAGO (2), WatchGuard (2), and Westermo. There are also six vendor updates from Hitachi Energy (2), HP (2), and HPE (2). Finally, we have an exploit for products from Gardyn. 

 

Advisories  

 

Dell Advisory - Dell published an advisory that discusses 118 vulnerabilities. 

WAGO Advisory #1 - CERT-VDE published an advisory that discusses two vulnerabilities in the WAGO Solution Builder and Device Sphere products. 

WAGO Advisory #2 - CERT-VDE published an advisory that discusses 45 vulnerabilities in the WAGO Visualization and Control Hub product. 

WatchGuard Advisory #1 - WatchGuard published an advisory that describes a path traversal vulnerability in their Firebox product family. 

WatchGuard Advisory #2 - WatchGuard published an advisory discusses two vulnerabilities in their Dimension and WebBlockerServer products. 

Westermo Advisory - Westermo published an advisory that describes an improper verification of cryptographic signature vulnerability in their Viper 3000 series products. 

 

Updates  

 

Hitachi Energy Update #1 - Hitachi Energy published an update for their GMS600 advisory that was originally published on November 4th, 2021. 

Hitachi Energy Update #2 - Hitachi Energy published an update for their PWC600 advisory that was originally published on November 4th, 2021. 

HP Update #1 - HP published an update for their Intel Graphics advisory that was originally published on November 11th, 2025. 

HP Update #2 - HP published an update for their LaserJet advisory that was originally published on November 13th, 2025, and most recently updated on December 10th, 2025. 

HPE Update #1 - HPE published an update for their ProLiant DL advisory that was originally published on February 10th, 2026. 

HPE Update #2 - HPE published an update for their Aruba Networking AOS advisory that was originally published on March 4th, 2026. 

 

Exploit  

 

Gardyn Exploit - Michael Adam Groberman published an exploit for six vulnerabilities in the Gardy Home Kit. 

 

 

For more information on these disclosures see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-8c0 - subscription required.