Monday, June 22, 2026

Review - Public ICS Disclosures – Week of 6-13-26 – Part 3

For Part 3 we have 10 vendor updates from CODESYS (4), D-Link (2), FortiGuard, HP, Moxa (2). There are two researcher reports for vulnerabilities in products from Phoenix Contact and Sprecher Automation. Finally, we have two exploits for products from D-Link and Genetec. 

Updates  

CODESYS Update #1 - CODESYS published an update for their Auditlog advisory that was originally published on March 24th, 2026. 

CODESYS Update #2 - CODESYS published an update for their Control advisory that was originally published on May 21st, 2026, and most recently updated on May 26th, 2026. 

CODESYS Update #3 - CODESYS published an update for their Control advisory that was originally published on May 21st, 2026, and most recently updated on May 26th, 2026. 

CODESYS Updte #4 - CODESYS published an update for their Control V3 advisory that was originally puublished on March 24th, 2026. 

D-Link Advisory #1 - D-Link published an update for their DWR-921 advisory that was originally published on April 22nd, 2021.  

D-Link Advisory #2 - D-Link published an update for their DCS-935L advisory that was originally published on September 12th, 2025. 

FortiGuard Update - FortiGuard published an update for their FortiOS advisory that was originally published on June 10th, 2025. 

HP Update - HP published an update for their Intel Chipset advisory that was originally published on October 17th, 2025, and most recently updated on March 19th, 2026. 

Moxa Update #1 - Moxa published an update for their Linux Kernel advisory that was originally published on May 26th, 2026. 

Moxa Update #2 - Moxa published an update for their NPort 5000 Series advisory that was originally published on October 3rd, 2023, and most recently updated on October 23rd, 2023. 

Researcher Reports  

Phoenix Contact Report - Nozomi Networks published a report that describes six vulnerabilities in the Phoenix Contact PLCnext product. 

Sprecher Report - SEC Consult published a report that describes seven vulnerabilities in the Sprecher SPRECON-E-C/-E-P/-E-T3 systems. 

Exploits  

D-Link Exploit - Indoushka published an exploit for a privlege escalation vulnerability in the D-Link DSL2600U routers. 

Genetec Exploit - Indoushka published an exploit for for an incorrect permission assignement for criitical resource vulnerability in the Genetec RabbitMQ. 


For more information on these disclosures, see my article at CFSN Detailed Analysis - - subscription required. 

Posted by at
Labels: , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */