This is a moderately busy disclosure week. For Part 1 we have 11 vendor disclosures from Arista, Belden, Dell (2), Dassault, Genetec, HP (2), HPE (2), and iba.
Advisories
Arista Advisory - Arista published an advisory that discusses the AirSnitch attacks.
Belden Advisory - Belden published an advisory that describes a download of code without integrity check vulnerability in their Hirschmann Rail Data Diode.
Dell Advisory #1 - Dell published an advisory that discusses three vulnerabilities in their Wyse Management Suite.
Dell Advisory #2 - Dell published an advisory that describes two vulnerabilities in their Wyse Management Suite.
Dassault Advisory - Dassault published an advisory that describes a path traversal vulnerability in their SOLIDWORKS Visualize product.
NOTE: Dassault only provides access to advisories to registered owners.
Genetec Advisory - Genetec published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Security Center systems main server installations.
HP Advisory #1 - HP published an advisory that discusses an insufficient granularity of access control vulnerability in their business notebook and desktop PCs.
HP Advisory #2 - HP published an advisory that discusses three vulnerabilities in their One Agent Software Bundled with HP Privacy Settings.
HPE Advisory #1 - HPE published an advisory that discusses an improper initialization vulnerability in their SimpliVity Servers.
HPE Advisory #2 - HPE published an advisory that discusses an improper access control for register interface vulnerability in their SimpliVity AMD Servers.
Iba Advisory - CERT-VDE published an advisory that describes a deserialization of untrusted data vulnerabilities in the iba ibaDatCoordinator and ibaPDA products.
For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-6-13-26-part - subscription required.
Posts
No comments:
Post a Comment