Showing posts with label Genetec. Show all posts
Showing posts with label Genetec. Show all posts

Saturday, April 29, 2023

Review – Public ICS Disclosures – Week of 4-22-23

This week we have eighteen vendor disclosures from BD, Belden (2), Bosch (2), GE Gas Power (2), Genetec, Hitachi Energy (4), HPE, Mitsubishi, Moxa, Omron, Schneider, and VMware. There are two vendor updates from HPE, and Mitsubishi. Finally, we have an FDA report on the Illumina vulnerabilities.

Advisories

BD Advisory - BD published an advisory that describes a credential sharing incident that could affect their BD Kiestra product.

Belden Advisory #1 - Belden published an advisory that discusses an integer overflow or wraparound vulnerability in their HiSecOS and Cellular Router products.

Belden Advisory #2 - Belden published an advisory that discusses two vulnerabilities in their Hirschmann product line.

Bosch Advisory #1 - Bosch published an advisory that describes an incorrect authorization vulnerability in their B420 Ethernet communication module.

Bosch Advisory #2 - Bosch published an advisory that discusses a use of obsolete function vulnerability in their SLC-0-GPNT00300 interface module.

GE Gas Power Advisory #1 - GE published an advisory that discusses a path traversal vulnerability in multiple products.

GE Gas Power Advisory #2 - GE published an advisory that discusses a buffer underflow vulnerability in multiple products.

Genetec Advisory - Genetec published an advisory that discusses three vulnerabilities in the Security Center product.

Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that discusses eight vulnerabilities in their Modular Switchgear Monitoring product.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that discusses four vulnerabilities in their RTU500 series product.

Hitachi Energy Advisory #3 - Hitachi Energy published an advisory that discusses two vulnerabilities in their RTU500 series product.

Hitachi Energy Advisory #4 - Hitachi Energy published an advisory that discusses two vulnerabilities in their AFS65x, AFS67x, AFR67x and AFF66x series Products.

HPE Advisory - HPE published an advisory that describes an arbitrary code execution vulnerability in their ProLiant RL300 Gen11 Server.

Mitsubishi Advisory - Mitsubishi published an advisory that discusses nine vulnerabilities in their FA product line.

Moxa Advisory - Moxa published an advisory that discusses two Trusted Computing Group TPM2.0 implementation vulnerabilities.

Omron Advisory - Omron published an advisory that describes a heap-based buffer overflow vulnerability in their CX-drive support tool.

Schneider Advisory - Schneider published an advisory that discusses a recently published exploit for vulnerabilities in their KNX building automation systems.

VMware Advisory - VMware published an advisory that describes four vulnerabilities in their Workstation and Fusion products.

Updates

HPE Update - HPE published an update for their IceWall advisory that was originally published on March 9th, 2018 and most recently updated on January 27th, 2023.

Mitsubishi Update - Mitsubishi published an update for their Ethernet port of MELSEC and MELIPC Series advisory that was originally published on November 30th, 2021 and most recently updated on November 24th, 2022.

Reports

Illumina Report - The Federal Drug Administration (FDA) published a letter to healthcare providers on the Illumina vulnerabilities reported this week by CISA.

 

For more details on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-b33 - subscription required.

Posted by at No comments:
Labels: , , , , , , , , , , , , , ,

Saturday, June 18, 2022

Review – Public ICS Disclosures – Week of 6-11-22 – Part 1

This is another busy second-Tuesday disclosure week. For Part 1 we have 23 vendor disclosures from ABB, AUMA, Genetec, Hitachi Energy, HP (2), HPE (6), OPC UA (5), PROSYS OPC, QNAP, Tanzu, TI, and VMware (2).

ABB Advisory - ABB published an advisory that describes five privilege escalation vulnerabilities in their Automation Builder, Drive Composer and Mint WorkBench products.

AUMA Advisory - CERT-VDE published an advisory that discusses a classic buffer overflow vulnerability in the AUMA SIMA² Master Station.

Genetec Advisory - Genetec published an advisory that discusses the recently reported vulnerabilities in HID Mercury controllers.

Hitachi Energy Advisory - Hitachi Energy published an advisory that discusses an insecure method vulnerability in their PROMOD IV product.

HP Advisory #1 - HP published an advisory that discusses four information disclosure vulnerabilities in multiple HP products.

HP Advisory #2 - HP published an advisory that discusses an improper input validation vulnerability in multiple notebook products.

HPE Advisory #1 - HPE published an advisory that discusses four information disclosure vulnerabilities in their Synergy Servers.

HPE Advisory #2 - HPE published an advisory that discusses four information disclosure vulnerabilities in their Storage Products.

HPE Advisory #3 - HPE published an advisory that discusses four information disclosure vulnerabilities in their ProLiant DX Servers.

HPE Advisory #4 - HPE published an advisory that discusses four information disclosure vulnerabilities in their Moonshot/Edgeline Servers.

HPE Advisory #5 - HPE published an advisory that discusses four information disclosure vulnerabilities in their Superdome Flex Servers.

HPE Advisory #6 - HPE published an advisory that discusses four information disclosure vulnerabilities in their ProLiant BL/DL/ML/XL/MicroServer and Apollo Servers.

OPC UA Advisory #1 - OPC UA published an advisory that describes an uncontrolled resource consumption vulnerability in their .NET Standard Stack.

OPC UA Advisory #2 - OPC UA published an advisory that describes an incorrect implementation of authentication algorithm vulnerability in their .NET Standard Stack.

OPC UA Advisory #3 - OPC UA published an advisory that describes an uncontrolled resource consumption vulnerability in their .NET Standard Stack.

OPC UA Advisory #4 - OPC UA published an advisory that describes a memory allocation with excessive size value vulnerability in their .NET Standard Stack.

OPC UA Advisory #5 - OPC UA published an advisory that describes an infinite loop vulnerability in their .NET Standard Stack.

PROSYS OPC Advisory - PROSYS published an advisory that discusses a security feature bypass vulnerability (with publicly available exploit) in their OPC products.

QNAP Advisory - QNAP published an advisory that discusses a ransomware campaign that appears to target QNAP NAS devices running outdated versions of QTS 4.x.

Tanzu Advisory - Tanzu published an advisory that describes a denial of service vulnerability in their Spring Cloud product.

TI Advisory - TI published an advisory that describes missing ECC input validations on CC1310 and CC1350 devices.

VMware Advisory #1 - VMware published an advisory that describes an information disclosure vulnerability in their HCX product.

VMware Advisory #2 – VMware published an advisory that discusses four information disclosure vulnerabilities in their ESXi product.


For more details about these disclosures, including links to researcher reports, 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-6-446 - subscription required.

Posted by at No comments:
Labels: , , , , , , , , , , , ,

Saturday, March 12, 2022

Review – Public ICS Disclosures – Week of 3-5-22 – Part 1

It has been a busy week, even without the 2nd Tuesday disclosures. This will be a three-part report. This week we have thirteen vendor disclosures from Boston Scientific, Broadcom, Carestream, WAGO, Draeger, Eaton (4), GE Gas Power, Genetec, Hitachi Energy, and Johnson Controls.

Boston Scientific Advisory - Boston Scientific published an advisory discussing the Access:7 vulnerabilities.

Broadcom Advisory - Broadcom published an advisory discussing the DirtyPipe vulnerability.

Carestream Advisory - Carestream published an advisory discussing the Access:7 vulnerabilities.

Ecava Advisory - Incibe CERT published an advisory discussing eight vulnerabilities in the Ecava IntegraXor.

WAGO Advisory - VDE CERT published an advisory describing a cross-site scripting vulnerability in various WAGO PLCs.

Draeger Advisory - Draeger published an advisory discussing the PwnKit vulnerability.

Eaton Advisory #1 - Eaton published an advisory describing a cross-site scripting vulnerability in their Intelligent Power Manager.

Eaton Advisory #2 - Eaton published an advisory describing a cross-site scripting vulnerability in their Intelligent Power Manager.

Eaton Advisory #3 - Eaton published an advisory describing a cross-site scripting vulnerability int heir Intelligent Power Manager.

Eaton Advisory #4 - Eaton published an advisory describing a cross-site scripting vulnerability int heir Intelligent Power Manager.

GE Gas Power Advisory - GE Gas Power published an advisory discussing the Russia-Ukraine situation.

Genetec Advisory - Genetec published an advisory describing a privilege escalation vulnerability in the Authentication Service role in their Security Center product.

Hitachi Energy Advisory - Hitachi Energy published an advisory describing seven vulnerabilities (two with published exploits) in their RelCare product.

Johnsons Controls Advisory - Johnson Controls published an advisory discussing a deserialization of untrusted data vulnerability in their DSC PowerManage product.

 

For more details on these disclosures, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3 - subscription required.

Posted by at No comments:
Labels: , , , , , , , , , , , , ,

Saturday, August 7, 2021

Review - Public ICS Disclosures – Week of 7-31-21

This week we have three INFRA:HALT advisories from: Phoenix Contact, Schneider Electric, Siemens. We have 17 other advisories for products from Aruba, Bosch, Carestream, Genetec, Hitachi ABB Power Grids (3), Johnson Controls, Mitsubishi Electric (4), Phoenix Contact (3), PulseSecure, VMware. Finally, there are two updates from CODESYS and PcVue.

INFRA:HALT Advisories

Phoenix Contact published an advisory discussing the INFRA:HALT vulnerabilities.

Schneider published an advisory discussing the INFRA:HALT vulnerabilities.

Siemens published an advisory discussing the INFRA:HALT vulnerabilities.

Other Advisories

Aruba published an advisory describing a privilege escalation vulnerability in their Analytics and Location Engine (ALE).

Bosch published an advisory describing a cross-site request forgery vulnerability in their IP Cameras.

Carestream published an advisory discussing the PrintNightmare vulnerabilities.

Genetec published an advisory describing four vulnerabilities in their Streamvault products.

Hitachi ABB published an advisory discussing the FragAttacks WiFi vulnerabilities in their TropOS Product.

Hitachi ABB published an advisory describing a password in memory vulnerability in their Counterparty Settlement Billing (CSB) Product.

Hitachi ABB published an advisory describing a password in memory vulnerability in their Retail Operations Product.

Johnson Controls published an advisory describing an auto-update vulnerability in their Software House C•CURE 9000 product

Mitsubishi published an advisory describing an information disclosure vulnerability in their MELSEC iQ-R Series CPU module.

Mitsubishi published an advisory describing an unauthorized log-in vulnerability in their MELSEC iQ-R series CPU modules.

Mitsubishi published an advisory describing a denial-of-service vulnerability in their MELSEC iQ-R Series CPU module.

Mitsubishi published an advisory describing an authentication bypass vulnerability in their MELSEC iQ-R Series CPU Module.

Phoenix Controls published an advisory discussing the WIBU CodeMeter vulnerabilities reported by NCCIC-ICS.

Phoenix Controls published an advisory describing a denial of service vulnerability in their PLCnext Control devices.

Phoenix Controls published an advisory describing an improper privilege management vulnerability in their  FL MGUARD DM product.

PulseSecure published an advisory describing six vulnerabilities in their Pulse Connect Secure.

VMware published an advisory describing two vulnerabilities in their VMware Workspace ONE Access product.

Updates

CODESYS published an update for their CODESYS Development System V3 advisory that was originally published on July 15th, 2021.

PcVue published an update for their advisory that was originally published in November 2020.

For more details on these advisories, including links to exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-e33 - subscription required.

Posted by at No comments:
Labels: , , , , , , , , , , , , , ,

Saturday, June 19, 2021

Review - Public ICS Disclosures – Week of 6-12-21

This week we have eight vendor disclosures from Digitek, EIP Stack Group, Genetec, QNAP (2), VMware, and Wibu (2). We also have two vendor updates from Dell and Mitsubishi. Finally, we have an exploit for products from Wibu.

Vendor Disclosures

Digitek Advisory - Incibe-CERT published an advisory describing an SQL injection vulnerability in the Digitek Secure 8 system.

EIP Stack Group Advisory - Incibe-CERT published an advisory describing an out-of-bounds read vulnerability in the EIP Stack Group OpENer product.

Genetec Advisory - Genetec published an advisory discussing vulnerabilities in Bosch IP cameras that may affect their Security Center, Security Center SaaS Edition, and Stratocast products.

QNAP Advisory - QNAP published an advisory describing an insecure storage of sensitive information vulnerability in their QNAP NAS products running myQNAPcloud Link.

QNAP Advisory - QNAP published an advisory describing an out-of-bounds read vulnerability in their QNAP NAS products running QTS and QuTS hero.

VMware Advisory - VMware published an advisory describing a denial-of-service vulnerability in their VMware Tools for Windows product.

Wibu Advisory - Wibu published an advisory describing a buffer over-read vulnerability in their CodeMeter Runtime Network Server.

Wibu Advisory - Wibu published an advisory describing a denial-of-service vulnerability in their CodeMeter Runtime CmWAN Server.

Vendor Updates

Dell Update - Dell published an update for their Dell Wyse Windows Embedded System that was originally published on May 11th, 2021.

Mitsubishi Update - Mitsubishi published an update for their MC Works advisory that was originally published on June 18th, 2020 and most recently updated on January 14th, 2021.

Exploits

Wibu Exploit - Brian Rodriquez published an exploit for a unquoted service path vulnerability in the Wibukey Runtime product.

 

For a more detailed look at these disclosures see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-dda (subscription required),


Posted by at No comments:
Labels: , , , , , , , , , , , ,
Subscribe to: Posts (Atom)
 
/* Use this with templates/template-twocol.html */