Review – Public ICS Disclosures – Week of 4-4-26 – Part 1

 This week we have bulk vendor disclosures from NI (5) and Palo Alto Networks (6). There are also nine other vendor disclosures from Arista, Helmholz, Hitachi (3), HPE (3), and Moxa. 

Bulk Advisories – NI  

• NI Security Update for CVE-2026-0954 and CVE-2026-0957, 

• NI Security Update for CVE-2026-0955 and CVE-2026-0956, 

• NI Security Update for CVE-2026-32860, 

• NI Security Update for CVE-2026-32861,  

• NI Security Update for CVE-2026-32862, CVE-2026-32863, and CVE-2026-32864. 

Bulk Advisories – Palo Alto Networks  

• CVE-2026-0234 Cortex XSOAR: Improper Verification of Cryptographic Signature in Microsoft Teams integration,  

• PAN-SA-2026-0004 Chromium: Monthly Vulnerability Update (April 2026), 

• CVE-2026-0233 Autonomous Digital Experience Manager: Improper validation of ADEM certificate, 

• CVE-2026-0232 Cortex XDR Agent: Local Administrator can disable the agent on Windows, 

• PAN-SA-2026-0005 Informational Bulletin: OSS CVEs Fixed in PAN-OS, and 

• PAN-SA-2026-0006 Informational Bulletin: Impact assessment of OSS CVEs in PAN-OS 

Advisories  

Arista Advisory - Arista published an advisory that discusses three vulnerabilities (two with publicly available exploits) in their EOS-based products. 

Helmholz Advisory - CERT-VDE published an advisory that discusses an exposure of sensitive information to unauthorized actor vulnerability in the Helmholz FLEXtra Profinet switches. 

Hitachi Advisory #1 - Hitachi published an advisory that describes two vulnerabilities in their JP1/IT Desktop Management 2 and JP1/NETM/DM products. 

Hitachi Advisory #2 - Hitachi published an advisory that discusses nine vulnerabilities in their Ops Center Common Services. 

Hitachi Advisory #3 - Hitachi published an advisory that discusses eight vulnerabilities (one with publicly available exploit) in their Ops Center Viewpoint product. 

HPE Advisory #1 - HPE published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer in their SimpliVity Servers. 

HPE Advisory #2 - HPE published an advisory that discusses five vulnerabilities in their Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Platform. 

HPE Advisory #3 - HPE published an advisory that describes an open redirect vulnerability in their Aruba Networking Private 5G Core On-Prem product. 

Moxa Advisory - Moxa published an advisory that describes an exposed IOCTL with insufficient access control vulnerability in their MxGeneralIo utility, for Industrial x86 Computers. 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-76b - subscription required.