For Part 2 we have five additional vendor disclosures from Philips, Siemens, TP-Link (2), and WAGO. There are also two vendor updates from Mitsubishi. There are three researcher reports for products from NI. Finally, we have an exploit for products from ForitGuard.
Advisories
Philips Advisory - Philips published an advisory that discusses the ChipSoft ransomware issue.
Siemens Advisory - Siemens published a bulletin that discuses ‘Increasing Cyber Threats to Industrial Control Systems’.
TP-Link Advisory #1 - TP-Link published an advisory that describes a previously disclosed authentication bypass by spoofing vulnerability (listed in CISA’s Known Exploited Vulnerabilities catalog) in legacy TP-Link router and access point products.
TP-Link Advisory #2 - TP-Link published an advisory that describes five vulnerabilities in their AX3000 Dual-Band Gigabit Wi-Fi 6 router.
WAGO Advisory - CERT-VDE published an advisory that describes a code injection vulnerability in the Web-based management function in multiple WAGO products.
Updates
Mitsubishi Update #1 - Mitsubishi published an update for their Information Tampering advisory that was originally published on August 5th, 2025, and most recently updated on September 18th, 2025.
Mitsubishi Update #2 - Mitsubishi published an update for their Information Tampering advisory that was originally published on May 15th, 2025, and most recently updated on January 8th, 2026.
Researcher Reports
NI Reports - Michael Heinzl published three reports about individual vulnerabilities in the LabVIEW product from NI.
NOTE: I mentioned the associated NI advisory in passing yesterday.
Exploits
FortiGuard Exploit - Mohammed Idrees Banyamer published an exploit for a relative path traversal vulnerability in the FortiGuard FortiWeb product.
For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/publish/posts/detail/193961834/share-center - subscription required.
Posts
No comments:
Post a Comment