Review – Public ICS Disclosures – Week of 2-21-26 - Part 1

We have a busy disclosure week. For Part 1 we have 17 vendor disclosures from ABB (2), Dell, Festo, Fujitsu, Hitachi (2), Hitachi Energy (3), HP (2), HPE (3), Sick, and Supermicro.

Advisories

ABB Advisory #1 - ABB published an advisory that discusses an insecure default initialization of resource vulnerability in their Automation Builder product.

ABB Advisory #2 - ABB published an advisory that discusses three vulnerabilities in their AC500 V3 products.

Dell Advisory - Dell published an advisory that describes four vulnerabilities in their Wyse Management Suite.

Festo Advisory - CERT-VDE published an advisory that 126 vulnerabilities in the Festo Automation Suite product. These are third-party (CODESYS) vulnerabilities.

Fujitsu Advisory - JP-CERT published an advisory that describes an out-of-bounds write vulnerability in the Fujitsu Fujitsu BIOS Driver.

Hitachi Advisory #1 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Configuration Manager and Ops Center API Configuration Manager products.

Hitachi Advisory #2 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Configuration Manager and Ops Center API Configuration Manager products.

Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that describes four vulnerabilities (one with publicly available exploit) in their RTU500 series CMU Firmware.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes two vulnerabilities in their Relion REB500 Product.

Hitachi Energy Advisory #3 - Hitachi Energy published an advisory that discusses a deserialization of untrusted data vulnerability in their Ellipse product.

HP Advisory #1 - HP published an advisory that discusses four vulnerabilities (two with publicly available exploits) in their LaserJet Enterprise and LaserJet Managed Printers.

HP Advisory #2 - HP published an advisory that describes three improper check for unusual or exceptional conditions vulnerabilities in multiple product lines utilizing the Intel NPU driver.

HPE Advisory #1 - HPE published an advisory that describes an authentication bypass vulnerability in their AutoPass License Server (APLS).

HPE Advisory #2 - HPE published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their ProLiant AMD DL/XL Servers.

HPE Advisory #3 - HPE published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their SimpliVity Servers.

Sick Advisory - Sick published an advisory that describes two use of risky or broken cryptographic algorithm vulnerabilities in their LMS1000 and MRS1000 products.

Supermicro Advisory - Supermicro published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in multiple products.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-805 - subscription required.

Review – Public ICS Disclosures – Week of 1-17-26 – Part 1

We have a moderately busy disclosure week. For Part 1 we have 10 vendor disclosures from Beckhoff, Belden, B&R Automation (2), Carrier, Fujitsu, Hitachi, and HPE (3).

Advisories

Beckhoff Advisory - CERT-VDE published an advisory that describes a cross-site scripting vulnerability in their TwinCAT 3 HMI Server.

Belden Advisory - Belden published an advisory that discusses an improper handling of length parameter inconsistency vulnerability (that is listed in CISA’s KEV catalog) in their Connectivity Suite product.

B&R Advisory #1 - B&R published an advisory that describes an allocation of resources without limit or throttling vulnerability in their Automation Runtime products.

B&R Advisory #2 - B&R published an advisory that describes an improper certificate validation vulnerability in their Automation Studio product.

Carrier Advisory - Carrier published an advisory that describes a storing password in a recoverable format vulnerability in their Automated Logic WebCTRL and Carrier i-Vu products.

Fujitsu Advisory - CERT-JP published an advisory that describes an uncontrolled search path element vulnerability in the Fujitsu ServerView Agents for Windows.

Hitachi Advisory - Hitachi published an advisory that discusses 28 vulnerabilities in their Disk Array systems.

HPE Advisory #1 - HPE published an advisory that discusses 19 vulnerabilities (4 with publicly available exploits, 1 listed in KEV catalog) in their Telco Universal SLA Management product.

HPE Advisory #2 - HPE published an advisory that discusses an out-of-bounds rite vulnerability in their Telco IP product (ONMS Adapter).

HPE Advisory #3 - HPE published an advisory that describes a privilege escalation vulnerability in multiple HPE products utilizing the Alletra OS.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-407 - subscription required.

Review – Public ICS Disclosures – Week of 1-3-26

This is a relatively light disclosure week. We have four vendor disclosures from ABB, Fujitsu, Dell, and Moxa. There are also five vendor updates from HP, HPE, Mitsubishi, and Moxa (2). We also have a researcher report for products from WatchGuard. Finally, we have two exploits for products from Bio-Formats (2).

Advisories

ABB Advisory - ABB published an advisory that describes three vulnerabilities in their WebPro SNMP Card PowerValue product.

Fujitsu Advisory - JP-CERT published an advisory that describes origin validation error in the Fujitsu Security Solution AuthConductor Client Basic V2.

Dell Advisory - Dell published an advisory that discusses 36 vulnerabilities in their Windows IoT Enterprise LTSC.

Moxa Advisory - Moxa published an advisory that discusses an quoted search path vulnerability in their ethernet switches.

Updates

HP Update - HP published an update for the Intel Ethernet I219 Software advisory that was originally published on February 11^th, 2025, and most recently updated on April 24^th, 2025.

HPE Update - HPE published an update for their ProLiant DL/ML/XD Alletra advisory that was originally published on December 12^th, 2025.

Mitsubishi Update - Mitsubishi published an update for their GENESIS64 advisory that was originally published on July 19^th, 2022, and most recently updated on July 24^th, 2025.

Moxa Update #1 - Moxa published an update for their ICMP Timestamp Request advisory that was originally published on October 21^st, 2025, and most recently updated on December 8^th, 2025.

Moxa Update #2 - Moxa published an update for their Diffie-Hellman Key Exchange Protocol advisory that was originally published on June 2^nd, 2025, and most recently updated on November 3^rd, 2025.

Researcher Reports

WatchGuard Report - Lutra Security published a report that describes a command injection vulnerability in the WatchGuard Mobile VPN.

Exploits

Bio-Formats Exploit #1 - Ron Edgerson published an exploit for a deserialization of untrusted data vulnerability in the Bio-Formats Memoizer Cache Files.

Bio-Formats Exploit #2 - Ron Edgerson published an exploit for an improper restriction of external XML entity reference vulnerability in Bio-Formats Leica Microsystems XML Parser.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-c27 - subscription required.

Review – Public ICS Disclosures – Week of 7-13-24

This week we have three vendor disclosures on the regreSSHion vulnerability from Bosch, Broadcom, HMS  We have 14 additional vendor disclosures from ABB, Dell, Fujitsu, Hitachi, HP (4), HPE (3), Rockwell (2), and Wireshark. There are also five vendor updates from BD and HPE (4). Finally, we have four researcher reports about vulnerabilities in products from Asus, Synology, and Unitronics (2).

RegreSSHion Advisories

Bosch published an advisory that lists affected products and fixed versions.

Broadcom published an advisory that lists the products that are not affected.

HMS published an advisory that lists the affected products and announces that fixes have been applied.

Advisories

ABB Advisory - ABB published an advisory that describes an unquoted search path or element vulnerability in their Mint Workbench product.

Dell Advisory - Dell published an advisory that lists a large number (nope, I am not counting them all) of 3^rd party vulnerabilities in their ThinOS product.

Fujitsu Advisory - JP-CERT published an advisory that describes a path traversal vulnerability in the Fujitsu Network Edgiot GW1500 product.

Hitachi Advisory - Hitachi published an advisory that discusses 42 vulnerabilities in their Disc Array Systems products.

HP Advisory #1 - HP published an advisory that describes a buffer overflow vulnerability in multiple desk top computers.

HP Advisory #2 - HP published an advisory that describes two privilege escalation vulnerabilities in their display control software.

NOTE: The HP Security Bulletins page lists two additional advisories (here and here), but neither page currently opens.

HPE Advisory #1 - HPE published an advisory that describes a remote bypass of a security restriction vulnerability in their 3PAR Service Processor Software.

HPE Advisory #2 - HPE published an advisory that discusses 17 vulnerabilities (one with known exploits) in their Unified OSS Console Assurance Monitoring (UOCAM) product.

HPE Advisory #3 - HPE published an advisory that discusses two vulnerabilities in their ProLiant DL/ML/XL, Synergy, Edgeline and Alletra Servers.

Rockwell Advisory #1 - Rockwell published an advisory that describes an improper input validation vulnerability in their SequenceManager Server.

Advisory #2 - Rockwell published an advisory that describes an improper input validation vulnerability in their 5015 – AENFTXT product.

Wireshark Advisory - Wireshark published an advisory that describes a packet injection vulnerability in their SPRT dissector product.

Updates

BD Update - BD published an update for their Third-Party ESET advisory that was originally published on March 29^th, 2024.

HPE Update #1 - HPE published an update for their Intel Thunderbolt Driver advisory that was originally published on May 14^th, 2024 and most recently updated on June 17^th, 2024.

HPE Update #2 - HPE published an update for their Intel PROSet/Wireless WiFi and Bluetooth advisory that was originally published on May 14^th, 2024 and most recently updated on June 17^th, 2024.

HPE Update #3 - HPE published an update for their Intel Chipset Device Software advisory that was originally published on June 28^th, 2024.

HPE Update #4 - HPE published an update for their Intel 2024.1 IPU - Chipset Software advisory that was originally published on March 13^th, 2024 and most recently updated on April 10^th, 2024.

Researcher Reports

Asus Report - BugProve published a report describing a stack-based buffer overflow vulnerability in the Asus RT-AC87U router.

Synology Report - Claroty published a report that describes a classic buffer overflow vulnerability in the Synology BC 500 IP camera.

Unitronics Reports - Claroty published two reports about individual vulnerabilities in the Unitronics Vision Plc.

 

For more information about these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-3e2 - subscription required.

Review – Public ICS Disclosures – Week of 5-18-24

This week we have 13 vendor disclosures from Broadcom (3), Cisco, Fujitsu, HP (2), HPE, Philips, QNAP, WAGO (2), WithSecure, and Zyxel. We also have two vendor updates from Broadcom and HPE. Finally, we have ten researcher reports for products from FortiGuard, Honeywell, Mitsubishi, Siemens, TP-Link (5), and TVT.

Advisories

Broadcom Advisory #1 - Broadcom published an advisory that discusses a deserialization of untrusted data vulnerability in their Brocade Fabric OS, Brocade SANnav, and Brocade Support Link products.

Broadcom Advisory #2 - Broadcom published an advisory that discusses six inadequate access control vulnerabilities in their Brocade SANnav product.

Broadcom Advisory #3 - Broadcom published an advisory that describes a missing authentication for critical resource vulnerability in their Brocade SANnav product.

Cisco Advisory - Cisco published an advisory that describes an authentication bypass by spoofing vulnerability in their Snort 3 HTTP Intrusion Prevention System.

Fujitsu Advisory - Fujitsu published an advisory that discusses four vulnerabilities in multiple Fujitsu products.

HP Advisory #1 - HP published an advisory that describes a cross-site scripting vulnerability in their LaserJet Pro devices.

HP Advisory #2 - HP published an advisory that describes an SMTP server information disclosure vulnerability in their Laser Jet Pro printers.

NOTE: This link to this advisory is currently leading to a blank page.

HPE Advisories - HPE published 46 Critical Product Security Vulnerability Alerts. See this post for background information on these products.

Philips Advisory - Philips published an advisory that discusses the HPE authorization bypass through user-controlled key vulnerability.

QNAP Advisory - QNAP published an advisory that describes five vulnerabilities in their QTS and QuTS hero products.

WAGO Advisory #1 - CERT-VDE published an advisory that discusses 17 vulnerabilities in multiple WAGO products.

WAGO Advisory #2 - CERT-VDE published an advisory that discusses two vulnerabilities in WAGO Navigator.

WithSecure Advisory - WithSecure published an advisory that describes a link following vulnerability in their Windows endpoint product.

Zyxel Advisory - Zyxel published an advisory that describes two classic buffer overflow vulnerabilities in their 5G NR/4G LTE CPE, DSL/Ethernet CPE, fiber ONT, and WiFi extender.

Updates

Broadcom Update - Broadcom published an update for their remote code execution advisory that was originally published on April 1^st, 2024.

HPE Update - HPE published an update for their Aruba ArubaOS advisory that was originally published on April 30^th, 2024.

Researcher Reports

FortiGuard Report - Horizon3 published a report describing an OS command injection vulnerability in the Fortinet FortiSIEM product.

Honeywell Report - Claroty published a report describing two vulnerabilities in the Honeywell ControlEdge Virtual Unit Operations Center (UOC).

Mitsubishi Report - Positive Technologies published a report describing five vulnerabilities in the Mitsubishi MELSEC System Q and MELSEC System L series PLC processor modules.

Siemens Report - SEC Consult published a report describing an exposed serial shell vulnerability on multiple Siemens PLCs.

TP-Link Reports - ZDI published five reports of vulnerabilities in the TP-Link TP-Link Omada ER605 PPTP VPN.

TVT Report - SSD-Disclosure published a report that describes an exposure of sensitive information vulnerability in the TVT NVMS9000 surveillance management system.

 

For more information on these disclosures, including links to 3rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-329 - subscription required.

Review – Public ICS Disclosures – Week of 2-9-24 – Part 1

This week we have 25 vendor disclosures from Bosch (2), FortiGuard (3), Fujitsu, GE Vernova, Hitachi (6), Honeywell, HP (4), Insyde, Korenix, Palo Alto Networks (3), Philips, and Phoenix Contact.

Advisories

Bosch Advisory #1 - Bosch published an advisory that discusses seven vulnerabilities in multiple Bosch products.

Bosch Advisory #2 - Bosch published an advisory that describes five vulnerabilities in their Remote Programing Software.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes an improper authentication vulnerability in their FortiOS products.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes an authentication bypass through user controlled key vulnerability in their FortiOS and FortiProxy products.

FortiGuard Advisory #3 - FortiGuard published an advisory that describes two vulnerabilities in their FortiOS and FortiProxy products.

Fujitsu Advisory - Fujitsu published an advisory that discusses 11 vulnerabilities in multiple Fujitsu products.

GE Vernova Advisory - GE Vernova published an advisory that discusses four vulnerabilities (two listed in CISA’s Known Exploited Vulnerabilities catalog) in multiple products.

Hitachi Advisor #1 - Hitachi published an advisory that discusses an internal state disruption vulnerability in their Cosminexus HTTP Server.

Hitachi Advisory #2 - Hitachi published an advisory that describes an uncontrolled resource consumption vulnerability in their Cosminexus HTTP Server.

Hitachi Advisory #3 - Hitachi published an advisory that discusses an improper input validation vulnerability in their Cosminexus HTTP Server.

Hitachi Advisory #4 - Hitachi published an advisory that discusses the HTTP/2 Rapid Reset Attack (listed on CISA’s KEV catalog) vulnerability in their Cosminexus HTTP Server.

Hitachi Advisory #5 - Hitachi published an advisory that discusses an incomplete cleanup vulnerability in their Cosminexus Component Container.

Hitachi Advisory #6 - Hitachi published an advisory that describes an insertion of sensitive information into log file vulnerability in their Cosminexus Component Container.

Honeywell Advisory - Honeywell published an end-of-life notice for their e S3100 portfolio.

HP Advisory #1 - HP published an advisory that describes a privilege escalation vulnerability in multiple HP computers.

HP Advisory #2 - HP published an advisory that discusses four vulnerabilities in multiple HP computers.

Insyde Advisory - Insyde published an advisory that describes a UEFI variable modification vulnerability in their H2OFFT, H2OUVE, and H2OOAE products.

Korenix Advisory - INCIBE-CERT published an advisory that describes an exposure of sensitive information to an unauthorized actor vulnerability in the Korenix JetI/O 6550 F208 product.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes an improper privilege management vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes an improper privilege management vulnerability in their GlobalProtect App.

Palo Alto Networks Advisory #3 - Palo Alto Networks published an advisory that describes an improper privilege management vulnerability in their GlobalProtect App.

Philips Advisory - Philips published an advisory that discusses two use-after-free vulnerabilities in the Imaging Data Commons libdicom.

Phoenix Contact Advisory - Phoenix Contact published an advisory that describes 13 vulnerabilities in their CHARX SEC-3xxx charge controllers.

 

For more information on these advisories, including links to 3rd party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-c78 3-16-24

 - subscription required.

Review – 2 Advisories and 1 Update Published – 9-12-23

Today, CISA’s NCCIC-ICS published two control system security advisories for products from Fujitsu Software and Hitachi Energy. They also updated an advisory for products from Mitsubishi.

Advisories

Fujitsu Advisory - This advisory describes a cleartext storage of sensitive information vulnerability in the Fujitsu Infrastructure Manager.

Hitachi Energy Advisory - This advisory discusses four vulnerabilities in the Hitachi Energy Lumada Asset Performance Management (APM) Edge.

NOTE: The link to the Hitachi Energy’s version of this advisory returns a ‘does not exist’ error message. Here is a good link.

Updates

Mitsubishi Update - This update provides additional information on an advisory that was originally published on May 23^rd, 2023 and most recently updated on July 6^th, 2023.

 

For more details about these advisories, including links to third-party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-a0f - subscription required.

Review – 2 Advisories Published – 9-5-23

Today, CISA’s NCCIC-ICS published a control system security advisory for products from Fujitsu and a medical device security advisory for products from Softneta.

Advisories

Fujitsu Advisory - This advisory describes a use of hard-coded credentials vulnerability in the Fujitsu Real-time Video Transmission Gear "IP series".

Softneta Advisory - This advisory describes two vulnerabilities in the Softneta MedDream picture archiving and communication system (PACS).

 

For more details about these vulnerabilities, including a down-the-rabbit-hole look at Softneta vulnerability disclosure process, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-published-9-5-23 - subscription required.

Review – Public ICS Disclosures – Week of 8-5-23 – Part 1

This week we have 24 vendor disclosures from ABB, AUMA (2), Belden, Broadcom (3), Fujitsu, HP (6), HPE (2), Phoenix Contact (3), Rockwell, Sierra Wireless, Texas Instruments (2), Western Digital, and Zyxel.

Advisories

ABB Advisory - ABB published an advisory that describes two vulnerabilities in their Freelance AC 900F and AC 700F products.

AUMA Advisory #1 - CERT-VDE published an advisory that discusses a cross-site scripting vulnerability in their Master Station product.

AUMA Advisory #2 - CERT-VDE published an advisory that discusses an out-of-bounds write vulnerability in their Master Station product.

Belden Advisory - Belden published an advisory that discusses an out-of-bounds write vulnerability in their Hirschmann Owl product.

Broadcom Advisory #1 - Broadcom published an advisory that discusses a cleartext transmission of sensitive information vulnerability in their Brocade Fabric OS.

Broadcom Advisory #2 - Broadcom published an advisory that discusses a use after free vulnerability in their Brocade Fabric OS.

Broadcom Advisory #3 - Broadcom published an advisory that discusses an uncontrolled recursion vulnerability in their Brocade Fabric OS.

Fujitsu Advisory - Fujitsu published an advisory that discusses eleven vulnerabilities in multiple products.

HP Advisory #1 - HP published an advisory that discusses three vulnerabilities in multiple products.

HP Advisory #2 - HP published an advisory that discusses five vulnerabilities in multiple products.

HP Advisory #3 - HP published an advisory that discusses an insufficient input validation vulnerability in multiple HP products.

HP Advisory #4 - HP published an advisory that discusses a privilege escalation vulnerability in multiple HP products.

HP Advisory #5 - HP published an advisory that discusses a privilege escalation vulnerability in multiple HP products.

HP Advisory #6 - HP published an advisory that discusses six vulnerabilities in multiple HP products.

HPE Advisory #1 - HPE published an advisory that discusses the Inception vulnerability in their ProLiant AMD Servers.

HPE Advisory #2 - HPE published an advisory that discusses the Inception vulnerability in their ProLiant AMD Servers.

Phoenix Contact Advisory #1 - Phoenix Contact published an advisory that discusses eleven vulnerabilities in their PLCnext Engineer.

Phoenix Contact Advisory #2 - Phoenix Contact published an advisory that describes two vulnerabilities in their TC ROUTER and TC CLOUD CLIENT products.

Phoenix Contact Advisory #3 - Phoenix Contact published an advisory that describes 14 vulnerabilities in their WP 6xxx Web panels.

Rockwell Advisory - Rockwell published an advisory that described an incorrect calculation vulnerability in their Armor PowerFlex product.

Sierra Wireless Advisory - Sierra Wireless published an advisory that talks about recent cyberattacks on their AirLink Connection Manager products.

Texas Instruments Advisory #1 - Texas Instruments published an advisory that describes a PN reuse vulnerability in their WL18xx products.

Texas Instruments Advisory #2 - Texas Instruments published an advisory that describes an integer overflow vulnerability in their SimpleLink™ CC32XX SDK.

Western Digital Advisory - Western Digital published an advisory that describes 17 vulnerabilities in their My Cloud Home, My Cloud Home Duo and SanDisk ibi products.

Zyxel Advisory - Zyxel published an advisory that talks about a command injection vulnerability in their P660HN-T1A DSL CPE product (this product is end-of-life) which was originally corrected in 2017.

 

For more of the details about these advisories, including links to 3^rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8-258 - subscription required.

Review – Public ICS Disclosures – Week of 7-29-23 – Part 2

For Part 2 we have eight vendor updates for products from Broadcom (2), Fujitsu, Mitsubishi (2), Moxa (2), and Omron. Finally, we have 24 researcher reports for vulnerabilities in products from Inductive Automation (4), Triangle MicroWorks (12), and ZKTeco (8).

Updates

Broadcom Update #1 - Broadcom published an update for their Apache httpd advisory that was originally published on September 13^th, 2022.

Broadcom Update #2 - Broadcom published an update for their follow-redirects advisory that was originally published on September 13^th, 2023.

Fujitsu Update - JP-CERT published an update for their Si-R series advisory that was originally published on July 26^th, 2023.

Mitsubishi Update #1 - Mitsubishi published an update for their Genisis64 advisory that was originally published on July 19^th, 2023 and most recently updated on February 9^th, 2023.

Mitsubishi Update #2 - Mitsubishi published an update for their Genisis64 advisory that was originally published on December 13^th, 2022 and most recently updated on February 9^th, 2023.

Moxa Update #1 - Moxa published an update for their NPort 5110 Series advisory that was originally published on June 10^th, 2022 and most recently updated on July 28^th, 2023.

Moxa Update #2 - Moxa published an update for their multiple switch series advisory that was originally published on June 14^th, 2023 and most recently updated on July 7^th, 2023.

Omron Update - Omron published an update for their CX-Drive advisory that was originally published on April 24^th, 2023.

Researcher Reports

Inductive Automaton Reports - The Zero Day Initiative published four reports of individual vulnerabilities in the Inductive Automation Ignition product.

Triangle MicroWorks Reports - The Zero Day Initiative published 12 reports of individual vulnerabilities in the Triangle MicroWorks SCADA Gateway product.

ZKTeco Reports #1-4 - Claroty published four reports for individual vulnerabilities in the ZKTeco BioAccess product.

ZKTeco Reports #5-8 - Claroty published four reports for individual vulnerabilities in the ZKTeco BioTime product.

 

For more details about these disclosures, including summary of changes in advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-bf5 - subscription required.

Review – Public ICS Disclosures – Week of 7-29-23 – Part 1 -

This week in Part 1 we have 80 vendor advisories from Aruba Networks, BD, Broadcom (45), CODESYS (5), Fujitsu, GE Gas Power, HP, HPE, Omron (3), Schweitzer Engineering Laboratory, Setelsa Security, Splunk, Tanzu (16), WAGO (2), and VMware.

For Part 2 I will look at vendor updates and researcher reports.

Advisories

Aruba Advisory - Aruba published an advisory that describes a command injection vulnerability in their CX Switches.

BD Advisory - BD published an advisory that discusses an incorrect authorization vulnerability in multiple products.

Broadcom Advisories - Broadcom published 45 advisories for third-party vulnerabilities in a variety of their products.

CODESYS Advisory #1 - CODESYS published an advisory that describes an improper restriction of excessive authentication attempts vulnerability in their Development System product.

CODESYS Advisory #2 - CODESYS published an advisory that describes an insufficient verification of data authenticity vulnerability in their Development System product.

CODESYS Advisory #3 - CODESYS published an advisory that describes an uncontrolled search path vulnerability in their Development System product.

CODESYS Advisory #4 - CODESYS published an advisory that describes 15 vulnerabilities in their Control V3 runtime systems products.

CODESYS Advisory #5 - CODESYS published an advisory that describes two vulnerabilities in their Control V3 runtime system products.

Fujitsu Advisory - Fujitsu published an advisory that describes an improper credential storage vulnerability in their Software Infrastructure Manager product.

GE Advisory - GE published an advisory that discusses a FortiOS stack-based buffer overflow vulnerability.

HP Advisory - HP published an advisory that describes an elevation of privilege vulnerability in some HP and Samsung Printer software packages.

HPE Advisory - HPE published an advisory that discusses 48 vulnerabilities in their Fibre Channel and SAN Switches.

Omron Advisory #1 - Omron published an advisory that describes three vulnerabilities in their CX-Programmer product.

Omron Advisory #2 - Omron published an advisory that describes an improper validation of specified type of input vulnerability in their CJ Series CJ2 CPU units.

Omron Advisory #3 - Omron published an advisory that discusses the INFRA:HALT vulnerabilities in their Multi-function Compact Inverter 3G3MX2.

SEL Advisory - SEL published an advisory that announces that a new version of their Synchrowave Linux Platform is available to fix an undescribed vulnerability by closing Port 10250 on k3s.

Setelsa Advisory - Incibe-CERT published an advisory that describes an SQL injection vulnerability in the Setelsa ConacWin access control platform.

Splunk Advisory - Splunk published an advisory that describes a log injection vulnerability in their SOAR product.

Tanzu Advisories - Tanzu published 16 advisories, each with multiple vulnerabilities in various products.

WAGO Advisory #1 - VDE-CERT published an advisory that discusses an authentication bypass by capture replay vulnerability in the WAGO 758-918 ETHERNET Gateways.

WAGO Advisory #2 - VDE-CERT published an advisory that discusses 15 vulnerabilities in multiple WAGO products.

VMware Advisory - VMware published an advisory that describes two vulnerabilities in their Horizon Server.

 

For more details on these disclosures, including links to researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-4fa - subscription required.

Review – Public ICS Disclosure – Week of 7-22-23

This week we have 21 vendor disclosures from ABB (2), Aruba Networking, Belden (3), Bosch, Brocade (2), B&R, CODESYS, Fujitsu (3), Hitachi Energy (2), Honeywell, HPE, QNAP (2), and VMware. There is one researcher report for vulnerabilities in products from Advantech. Finally, we have two exploits for products from Western Digital and VMware.

Advisories

ABB Advisory #1 - ABB published an advisory that describes four vulnerabilities in their Ability™ zenon product.

ABB Advisory #2 - ABB published an advisory that describes an unquoted search path vulnerability in their AO-OPC product.

Aruba Advisory - Aruba published an advisory that describes four vulnerabilities in their Access Points products

Belden Advisory #1 - Belden published an advisory that discusses a NULL pointer dereference vulnerability in their Hirschmann HiSecOS.

Belden Advisory #2 - Belden published an advisory that discusses a cross-site scripting vulnerability in their Eagle firewall products.

Belden Advisory #3 - Belden published an advisory that discusses four vulnerabilities in their Hirschmann HiSecOS.

Bosch Advisory - Bosch published an advisory that discusses 30 vulnerabilities in their PRA-ES8P2S Ethernet-Switchs.

Broadcom Advisory #1 - Broadcom published an advisory that discusses a permission validation vulnerability in the BrocadeOS products.

Broadcom Advisory #2 - Broadcom published an advisory that discusses the MoveIT SQL injection vulnerability, which is on the CISA Known Exploited Vulnerabilities Catalog.

B&R Advisory - B&R published an advisory that describes an allocation of resources without limit or throttling vulnerability in the Portmapper service used in their Automation Runtime product.

CODESYS Advisory - CODESYS published an advisory that describes an exposure of resource to wrong sphere vulnerability in their Scripting addon.

Fujitsu Advisory #1 - Fujitsu published a notice about potential vulnerabilities being investigated based upon third-party advisories from Insyde.

Fujitsu Advisory #2 - JP CERT published an advisory that describes an authentication bypass vulnerability in the Fujitsu Si-R series and SR-M series network devices.

Fujitsu Advisory #3 - JP CERT published an advisory that describes a hard-coded credentials vulnerability in the Fujitsu IP Series Real-time Video Transmission Gear.

Hitachi Energy Advisory #1 - Hitachi published an advisory that discusses six vulnerabilities in their AFF66x Products. These are third-party vulnerabilities.

Hitachi Energy Advisory #2 - Hitachi published an advisory that describes two classic buffer overflow vulnerabilities in their RTU500 series product.

Honeywell Advisory - Honeywell published an end-of-life notice for their MAXPRO® VMS R600 and R630 / NVR6.0 & R6.3 products.

HPE Advisory - HPE published an advisory that describes a privilege escalation vulnerability in their Integrated Smart Update Tools (iSUT) for Windows.

QNAP Advisory #1 - QNAP published an advisory that discusses an OS command injection vulnerability in many of their products.

QNAP Advisory #2 - QNAP published an advisory that describes an insecure library loading vulnerability in their QVPN Device Client for Windows.

VMware Advisory - VMware published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Tanzu Application Service for VMs.

Reports

Advantech Report - Tenable published a report that describes an SQL injection vulnerability in the Advantech iView.

Exploits

Western Digital Exploit - Remco Vermeulen published a Metasploit module for two vulnerabilities in the Western Digital MyCloud product.

VMware Exploit - H00die published a Metasploit module for a command injection vulnerability in the VMware Aria Operations for Networks product.

Review – Public ICS Disclosures – Week of 5-6-23 – Part 1 -

For Part 1 this week we have 34 vendor disclosures from Ads-Tec, Aruba, CONTEC, Fujitsu, HP (5), HPE (7), Insyde (2), Milestone (2), Palo Alto Networks (2), Rockwell (2), Tanzu (7), Texas Instruments, VMware, and WatchGuard.

Advisories

Ads-Tec Advisory - CERT-VDE published an advisory that discusses 18 vulnerabilities in the ads-tec IRF1000, IRF2000, and IRF3000 firewalls and routers.

Aruba Advisory - Aruba published an advisory that describes 13 vulnerabilities in their Access Points product.

CONTEC Advisory - JP-CERT published an advisory that describes five vulnerabilities in the CONTEC SolarView Compact product.

Fujitsu Advisory - Fujitsu published an advisory that discusses two vulnerabilities addressed in the 2023.2 INTEL Platform Update.

HP Advisory #1 - HP published an advisory that discusses 18 vulnerabilities in their products utilizing the AMD Client UEFI Firmware.

HP Advisory #2 - HP published an advisory that discusses four vulnerabilities in their products utilizing the Intel Virtual RAID on CPU.

HP Advisory #3 - HP published an advisory that discusses two vulnerabilities in their products utilizing the Intel 2023.2 IPU – BIOS.

HP Advisory #4 - HP published an advisory that discusses two vulnerabilities in their PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware.

HPE Advisory #1 - HPE published an advisory that discusses an exposure of information to wrong sphere vulnerability in their Proliant DX Servers.

HPE Advisory #2 - HPE published an advisory that discusses an exposure of information to wrong sphere vulnerability in their Apollo, XL Servers.

HPE Advisory #3 - HPE published an advisory that discusses an exposure of information to wrong sphere vulnerability in their Synergy Servers.

HPE Advisory #4 - HPE published an advisory that discusses an exposure of information to wrong sphere vulnerability in their StoreEasy Servers.

HPE Advisory #5 - HPE published an advisory that discusses 15 vulnerabilities in their ProLiant Gen10 and Gen10 Plus Servers.

HPE Advisory #6 - HPE published an advisory that discusses two vulnerabilities in their ProLiant DL/ML Servers.

HPE Advisory #7 - HPE published an advisory that discusses an exposure of information to wrong sphere vulnerability in their Superdome Flex Servers.

Insyde Advisory #1 - Insyde published an advisory that discusses an unchecked return value vulnerability in their BIOS PNG decoder libs.

Insyde Advisory #2 - Insyde published an advisory that describes an insufficient input validation vulnerability in various Intel Mobile Platforms.

Milestone Advisory #1 - Milestone published an advisory that describes a remote code execution vulnerability in their Management Server.

Milestone Advisory #2 - Milestone published an advisory that describes a remote code execution vulnerability in their Event Server.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes a file disclosure vulnerability in their PAN-OS. The vulnerability was reported by Alex Hordijk.

Palo Alto Network Advisory #2 - Palo Alto Networks published an advisory that describes a cross-site scripting vulnerability in their PAN-OS software on Panorama appliances.

Rockwell Advisory #1 - Rockwell published an advisory that describes nine cross-site scripting vulnerabilities in their ArmorStart® ST 281E, and 284EE products.

Rockwell Advisory #2 - Rockwell published an advisory that describes a cross-site request forgery vulnerability in their FactoryTalk Vantagepoint product.

Tanzu Advisory #1 - Tanzu published an advisory that discusses an out-of-bounds write vulnerability in multiple Tanzu products.

Tanzu Advisory #2 - Tanzu published an advisory that discusses an off-by-one error vulnerability in multiple Tanzu products.

Tanzu Advisory #3 - Tanzu published an advisory that discusses an off-by-one error vulnerability in multiple Tanzu products.

Tanzu Advisory #4 - Tanzu published an advisory that discusses four vulnerabilities in multiple Tanzu products.

Tanzu Advisory #5 - Tanzu published an advisory that discusses a use of cryptographically weak PRNG vulnerability in multiple Tanzu products.

Tanzu Advisory #6 - Tanzu published an advisory that discusses six vulnerabilities in multiple Tanzu products.

Tanzu Advisory #7 - Tanzu published an advisory that discusses two vulnerabilities in multiple Tanzu products.

Texas Instruments Advisory - Texas Instruments published an advisory that describes a missing logic check vulnerability in their Wi-SUN® Stack.

VMware Advisory - VMware published an advisory that describes four vulnerabilities in their Aria Operations product.

WatchGuard Advisory - WatchGuard published an advisory that describes an arbitrary file read vulnerability in their Fireware OS products.

 

For more details on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-ba5 - subscription required.

Review – Public ICS Disclosures – Week of 2-11-23 – Part 1

While the Saturday after the 2^nd Tuesday is typically a heavy day for reporting control system security advisories, this particular Saturday is the worst that I have seen. To be able to get through all of the reporting I am going to have to resort to bulk listing of advisories for some vendors instead of my normal digest. I hope this will still be helpful.

This week we have 125 vendor disclosures from B&R (2), FortiGuard (40), Fujitsu, GE Gas Power, Hitachi Energy (12), HP (2), HPE (50), Insyde (12), Moxa, Phoenix Contact, Splunk (2), and WAGO.

In Part 2 I will look at this week’s Schneider and Siemens advisories that were published on Tuesday as well as two exploits that were published this week.

Vendor Advisories

B&R Advisory #1 - B&R published an advisory that describes a cross-site scripting vulnerability in their Automation Runtime product.

B&R Advisory #2 - B&R published an advisory that discusses 22 vulnerabilities in their APC, PPC, and MPC product lines.

FortiGuard Advisories - FortiGuard published 40 advisories for multiple vulnerabilities in multiple products.

Fujitsu Advisory - Fujitsu published an advisory that discusses 12 vulnerabilities in multiple Fujitsu products.

GE Advisory - GE Gas Power published an advisory that discusses an out-of-bounds write vulnerability in their NetworkST4 and M&D Lockbox products.

Hitachi Advisory #1 - Hitachi Energy published an advisory that discusses two vulnerabilities in their Gateway Station (GWS) Product.

Hitachi Advisory #2 - Hitachi published an advisory that discusses four improper input validation vulnerabilities in their Gateway Station (GWS) product.

Hitachi Advisories #3-12 - Hitachi Energy published ten advisories that describe an IEC 61850 MMS-Server vulnerability in multiple Hitachi product lines.

HP Advisory #1 - HP published an advisory that discusses an out-of-bounds read vulnerability in multiple product lines.

HP Advisory #2 - HP published an advisory that discusses five vulnerabilities in multiple product lines.

HPE Advisories - HPE published 50 advisories for multiple vulnerabilities in multiple product lines. Most of the reported vulnerabilities are third-party vulnerabilities.

Insyde Advisories - Insyde published 12 advisories for separate vulnerabilities in various libraries and services provided by Insyde.

Moxa Advisory - Moxa published an advisory that discusses a DNS cache poisoning vulnerability in the uClibc-ng libraries.

Phoenix Contact Advisory - Phoenix Contact published an advisory that discusses 64 vulnerabilities in their PLCnext Firmware.

Splunk Advisory #1 - Splunk published an advisory that discusses the Text4Shell vulnerability.

Splunk Advisory #2 - Splunk published an advisory that discusses nine vulnerabilities in the their Enterprise Package.

WAGO Advisory - CERT VDE published an advisory that describes a hidden functionality vulnerability in the WAGO Unmanaged Switch.

 

For more details on these disclosures, including list of affected products, links to researcher reports, 3^rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-47f - subscription required.

Review – Public ICS Disclosures – Week of 11-5-22 – Part 1 -

This is a busy Saturday after the 2^nd Tuesday. For Part 1 this week we have five OpenSSL 3.0 vendor disclosures from Carrier, Draeger, Eurotech, Palo Alto Networks, and QNAP.  There are 23 other vendor disclosures from Aiphone, Belden, Broadcom (9), Carrier, Fujitsu, GE Gas Power, HP, and HPE (8).

OpenSSL 3.0 Disclosures

Carrier published an OpenSSL 3.0 advisory. Carrier reports that no products are affected.

Draeger published an OpenSSL 3.0 advisory. Draeger reports that their medical devices are not affected.

Eurotech published an OpenSSL 3.0 advisory. Eurotech reports that none of their products are affected.

Palo Alto Networks updated their OpenSSL 3.0 advisory. They report that none of their products are affected.

QNAP published an OpenSSL 3.0 advisory. QNAP reports that their products are not affected.

Other Vendor Disclosures

Aiphone Advisory - Aiphone published an advisory that describes an information disclosure vulnerability in their GT Entrance Station product.

Belden Advisory - Belden published an advisory that discusses two unauthorized access vulnerabilities in their Provise and Hirschmann network management products.

Broadcom Advisory #1 - Broadcom published an advisory that discusses an off-by-one error vulnerability in their Brocade SANnav.

Broadcom Advisory #2 - Broadcom published an advisory that discusses an infinite loop vulnerability in undisclosed products (probably Brocade SANnav).

Broadcom Advisory #3 - Broadcom published an advisory that discusses an out-of-bounds write in their Brocade SANnav product.

Broadcom Advisory #4 - Broadcom published an advisory that describes an improper storage of sensitive information vulnerability in their Brocade SANnav product.

Broadcom Advisory #5 - Broadcom published an advisory that describes an information exposure vulnerability in their Brocade SANnav product.

Broadcom Advisory #6 - Broadcom published an advisory that describes an information exposure vulnerability in their Brocade SANnav product.

Broadcom Advisory #7 - Broadcom published an advisory that describes weak key exchange vulnerability in their Brocade SANnav product.

Broadcom Advisory #8 - Broadcom published an advisory that describes an information exposure vulnerability in their Brocade SANnav product.

Broadcom Advisory #9 - Broadcom published an advisory that describes a remote code execution vulnerability in their Brocade Fabric OS.

Carrier Advisory - Carrier published an advisory that discusses the Text4Shell vulnerability.

Fujitsu Advisory - Fujitsu published an advisory that discusses eight vulnerabilities in a variety of Fujitsu products.

GE Advisory - GE Gas Power published an advisory that discusses “Malware Persistence in VMWare ESXi Hypervisor”.

HP Advisory - HP published an advisory that describes a privilege escalation vulnerability in the BIOS for a number of HP products.

HPE Advisory #1 - HPE published an advisory that discusses an authentication bypass vulnerability in their B-series SAN Switches.

HPE Advisory #2 - HPE published an advisory that discusses five vulnerabilities in their B-Series SANnav Management Portal.

HPE Advisory #3 - HPE published an advisory that discusses an improper input validation vulnerability in their Synergy Servers.

HPE Advisory #4 - HPE published an advisory that discusses two vulnerabilities in their ProLiant Moonshot Servers.

HPE Advisory #5 - HPE published an advisory that discusses six vulnerabilities in their ProLiant DL/ML Servers.

HPE Advisory #6 - HPE published an advisory that discusses two vulnerabilities in their ProLiant BL/DL/ML Servers.

HPE Advisory #7 - HPE published an advisory that discusses an improper input validation vulnerability in their Apollo Servers.

HPE Advisory #8 - HPE published an advisory that discusses an improper input validation vulnerability in their StoreEasy Servers.

 

For more details about these advisories, including links to third-party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-b51 - subscription required.

Review – Public ICS Disclosures – Week of 8-6-22 – Part 1

This Saturday after the second Tuesday we have a large slate of disclosures to look at. For Part 1, we have 24 vendor disclosures from Auma, Fujitsu, HP (7), HPE (6), Keysight Technologies, Palo Alto Networks (2), PcVue, Schneider (4), and Sick.

Auma Advisory - CERT-VDE published an advisory that discusses 73 vulnerabilities in the Auma SIMA Master Station.

Fujitsu Advisory - Fujitsu published an advisory that discusses three vulnerabilities in a number of Fujitsu products.

HP Advisory #1 - HP published an advisory that discusses 14 vulnerabilities in a wide variety of their PCs, notebooks and workstations.

HP Advisory #2 - HP published an advisory that discusses an improper restriction of XML external entity reference vulnerability in a wide variety of their PCs, notebooks and workstations.

HP Advisory #3 - HP published an advisory that discusses an improper restriction of XML external entity reference vulnerability (with a known exploit) in a wide variety of their PCs, notebooks and workstations.

HP Advisory #4 - HP published an advisory that discusses four vulnerabilities in a wide variety of their PCs, notebooks and workstations.

HP Advisory #5 - HP published an advisory that discusses three vulnerabilities in in a wide variety of their PCs, notebooks and workstations.

HP Advisory #6 - HP published an advisory that discusses four vulnerabilities in a wide variety of their PCs, notebooks and workstations.

HP Advisory #7 - HP published an advisory that discusses an information disclosure vulnerability in a wide variety of their PCs, notebooks and workstations.

HPE Advisory #1 - HPE published an advisory that discusses a privilege escalation vulnerability in their HPE ProLiant DL Servers.

HPE Advisory #2 - HPE published an advisory that discusses an information disclosure vulnerability in their ProLiant DL/ML Servers.

HPE Advisory #3 - HPE published an advisory that discusses an information disclosure vulnerability in their ProLiant DX Servers.

HPE Advisory #4 - HPE published an advisory that discusses a privilege escalation vulnerability in their Synergy Servers.

HPE Advisory #5 - HPE published an advisory that discusses an information disclosure vulnerability in their Synergy Servers.

HPE Advisory #6 - HPE published an advisory that discusses a privilege escalation vulnerability ProLiant DX Servers.

Keysight Advisory - INCIBE-CERT published an advisory that describes two vulnerabilities in the Keysight Sensor Management Server.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that describes a reduced effectiveness of their Cortex XDR Agent anti-ransomware endpoint protection module.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a reflected amplification DOS vulnerability in their PAN-OS.

PcVue Advisory - PcVue published an advisory that describes a clear-text storage of sensitive information in their PcVue OAuth web service.

Schneider Advisory #1 - Schneider published an advisory that describes a weak password recovery vulnerability in their EcoStruxure™ Control Expert , EcoStruxure™ Process Expert, Modicon M580 and M340 products.

Schneider Advisory #2 - Schneider published an advisory that describes an integer underflow vulnerability in their Modicon PAC Controllers.

Schneider Advisory #3 - Schneider published an advisory that describes an improper restriction of operations within the bounds of a memory buffer.

Schneider Advisory #4 - Schneider published an advisory that describes an information disclosure vulnerability in their Modicon PAC Controllers.

Sick Advisory - Sick published an advisory that discusses an infinite loop vulnerability in their SIM products. This is a third-party (OpenSSL).

 

For more details on these advisories, including links to third-party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-8-e7f - subscription required.

Review – Public ICS Disclosures – Week of 7-16-22

This week we have ten vendor disclosures from Dell, Eaton, Flexera, Honeywell, HP, HPE (2), Rockwell, and SonicWall. We also have four vendor updates from Aruba Networks (2), Fujitsu, and HP. Finally, we have one researcher report for products from Schneider Electric.

Dell Advisory - Dell published an advisory that discusses 28 vulnerabilities (two with known exploits) in their Wyse Management Suite.

Eaton Advisory - Eaton published an advisory that describes an unrestricted file upload vulnerability in their Foreseer software.

Flexera Advisory - Flexera published an advisory that discusses the log4j remote code execution vulnerability (CVE-2021-44832).

Honeywell Advisory - Honeywell published an end-of-life notice for their equIP® Series IP Cameras, Performance Series IP and HQA Cameras, and Performance Series NVRs, and DVR.

HP Advisory - HP published an advisory that discusses seven vulnerabilities in their UEFI Secure Boot Database.

HPE Advisory #1 - HPE published an advisory that describes a disclosure of sensitive information vulnerability in their OneView product.

HPE Advisory #2 - HPE published an advisory that discusses an endless loop vulnerability in their NonStop products.

Rockwell Advisory - Rockwell published an advisory that discusses the SpringShell vulnerability in their FactoryTalk Analytics DataView product.

SonicWall Advisory - SonicWall published an advisory that describes an SQL injection vulnerability in their GMS AND Analytics products.

Aruba Update #1 - Aruba published an update for their OpenSSL advisory that was originally published on May 4^th, 2022 and most recently updated on June 1^st, 2022.

Aruba Update #2 - Aruba published an update for their Expat XML advisory that was originally published on May 17^th, 2022 and most recently updated on July 7^th, 2022.

Fujitsu Update - Fujitsu published an update for their ETERNUS CS8000 advisory that originally published on June 1^st, 2022.

HP Update - HP published an update for their Jumpstart advisory that originally published on May 10^th, 2022.

Schneider Report - Zero Science Labs published a report describing an OS command injection vulnerability in the Schneider SpaceLogic C-Bus Home Automation System.

 

For more details on these disclosures, including links to third-party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-c9a - subscription required.