Review – Public ICS Disclosures – Week of 6-21-25 – Part 1

This is a moderately busy disclosure week. For Part 1 we have 12 vendor disclosures from Elecom, FortiGuard, GE Vernova, Helmholz (2), Hitachi Energy (4), HP, Lenze, and Siemens.

Advisories

Elecom Advisory - JP-CERT published an advisory that describes five vulnerabilities in multiple Elecom wireless LAN routers.

FortiGuard Advisory - FortiGuard published an advisory that describes a stack-based buffer overflow vulnerability in multiple FortiGuard products.

GE Vernova Advisory - GE published an advisory that discusses an authentication bypass using an alternate path or channel vulnerability in their Control Server OTArmor.

Helmholz Advisory #1 - CERT-VDE published an advisory that describes a missing authentication for critical function vulnerability in the Helmholz myREX-24 products.

Helmholz Advisory #2 - CERT-VDE published an advisory that describes two vulnerabilities in the myREX-24 products.

Hitachi Energy Advisory # 1 - Hitachi Energy published an advisory that describes an allocation of resources without limits or throttling in their Relion 670/650 and SAM600-IO series products.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes five vulnerabilities in their MicroSCADA X SYS600 product.

Hitachi Energy Advisory #3 - Hitachi Energy published an advisory that discusses a cross-site scripting vulnerability (with publicly available exploit) in their MSM product.

Hitachi Energy Advisory #4 - Hitachi Energy published an advisory that describes an improper check for unusual or exceptional conditions vulnerability in their Relion 670/650 and SAM600-IO series products.

HP Advisory - HP published an advisory that discusses an out-of-bounds write vulnerability in their Poly Trio & CCX Devices.

Lenze Advisory - CERT-VDE published an advisory that describes a clear-text storage of sensitive information vulnerability in the Lenze PLC Designer V4.

Siemens Advisory - Siemens published an advisory that describes a problem (not a vulnerability) with how their SIMATIC PCS 7 and SIMATIC PCS neo products react with Microsoft Defender Antivirus.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-6-85b - subscription required.

Review - Public ICS Disclosures – Week of 5-25-25 – Part 2

For Part 2 this week we have six additional vendor disclosures from Lenze, Mitsubishi, PEPPERL+Fuchs, QNAP, WatchGuard, and Weidmueller. There are also nine updates from FortiGuard, Hitachi Energy (6), HP, and HPE. Finally, we have two exploits for products from Palo Alto Networks and SCADAFlare.

Advisories

Lenze Advisory - CERT-VDE published an advisory that discusses two vulnerabilities in the Lenze x500 IoT Gateway.

Mitsubishi Advisory - Mitsubishi published an advisory that describes an improper validation of specified index, position or offset in input vulnerability in their MELSEC iQ-F Series CPU module.

PEPPERL+Fuchs Advisory - CERT-VDE published an advisory that describes three vulnerabilities in the PEPPERL+Fuchs  Profinet Gateway LB8122A.1.EL.

QNAP Advisory - QNAP published an advisory that discusses an untrusted search path vulnerability in the GNU C Library.

WatchGuard Advisory - WatchGuard published an advisory that describes a privilege escalation vulnerability in their Mobile VPN product.

Weidmueller Advisory - CERT-VDE published an advisory that describes five vulnerabilities in multiple Weidmueller industrial ethernet switches.

Updates

FortiGuard Update - FortiGuard published an update for their TACACS+ authentication bypass advisory that was originally published on May 13^th, 2025.

Hitachi Energy Update #1 - Hitachi Energy published an update for their IEC 61850 MMS-Server advisory that was originally published on February 14^th, 2024.

Hitachi Energy Update #2 - Hitachi Energy published an update for their BadAlloc advisory that was originally published on December 16^th, 2021.

Hitachi Energy Update #3 - Hitachi Energy published an update for their OpenSSL Vulnerability advisory that was originally published on June 27^th, 2023.

Hitachi Energy Update #4 - Hitachi Energy published an update for their Relion 670/650/SAM600-IO advisory that was originally published on November 28^th, 2023, and most recently updated on September 23^rd, 2024.

Hitachi Energy Update #7 - Hitachi Energy published an update for their Hitachi Energy Relion 670/650/SAM600-IO advisory that was originally published on November 4^th, 2021, and most recently updated on December 7^th, 2021.

Hitachi Energy Update #6 - Hitachi Energy published an update for their Hitachi Energy’s Relion 670, 650 and SAM600-IO advisory that was originally published on February 28^th, 2023.

HP Update - HP published an update for their Sound Research SECOMN64 advisory that was originally published on November 12^th, 2024.

HPE Update - HPE published an update for their HPE ProLiant AMD Servers advisory that was originally published on February 3^rd, 2025.

Exploits

Palo Alto Networks Exploit - Cody 16 published an exploit for a memory corruption vulnerability in the Palo Alto Networks CLI.

SCADAFlare Exploit - Fellipe Oliveira published an exploit for an unrestricted upload of file with dangerous type vulnerability in the SCADAFlare ScadaBR product.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-d6e - subscription required.

Review – Public ICS Disclosures – Week of 7-9-22 – Part 1

For a 2nd Tuesday weekend there is just a moderate number of disclosures, but I will still need to do two parts to keep these post sizes reasonable. So, for Part 1 this week we have 22 vendor disclosures from ABB, Bentley (7), Broadcom, Flexera, Hitachi Energy (2), Lenze, HP, QNAP, Rockwell Automation, Sonic Wall, VMware (3), and Western Digital (2).

NOTE: NVD.NIST.gov is now specifically identifying when a CVE is listed in CISA's Known Exploited Vulnerabilities Catalog

ABB Advisory - ABB published an advisory that describes a path traversal vulnerability in ABB flow computer and remote controller products.

Bentley Advisory #1 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-based applications.

Bentley Advisory #2 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-based applications.

Bentley Advisory #3 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-based applications.

Bentley Advisory #4 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-based applications.

Bentley Advisory #5 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-based applications.

Bentley Advisory #6 - Bentley published an advisory that describes an out-of-bounds read vulnerability in their MicroStation and MicroStation-based applications.

Broadcom Advisory - Broadcom published an advisory that describes a deserialization of untrusted data vulnerability in their com.alibaba:fastjson JSON parser package.

Flexera Advisoyr - Flexera published an advisory that discusses two recent Microsoft vulnerabilities (CVE-2022-30190 and CVE-2022-30136).

Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that discusses thirteen vulnerabilities (three with known exploits) in their MSM high-voltage switchgear monitoring system.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes two vulnerabilities in their MSM high-voltage switchgear monitoring system.

Lenze Advisory - CERT-VDE published an advisory that describes a missing critical step in authentication vulnerability in the Lenze machine controller.

HP Advisory - HP published an advisory that discusses the RETbleed vulnerabilities in their Wolf Security software.

QNAP Advisory - QNAP published an advisory that discusses the Checkmate ransomware that appears to be targeting QNAP products with SMB services exposed to the internet.

Rockwell Advisory - Rockwell published an advisory that discusses a CHROME type confusion vulnerability in multiple products.

SonicWall Advisory - SonicWall published an advisory that discusses an OS command injection vulnerability in their products.

VMware Advisory #1 - VMware published an advisory that describes a server-side request forgery vulnerability in their vCenter Server.

VMware Advisory #2 - VMware published an advisory that describes two cross-site scripting vulnerabilities in their vRealize Log Insight product.

VMware Advisory #3 - VMware published an advisory that describes four vulnerabilities in their ESXi and Cloud Foundation products.

Western Digital Advisory #1 - Western Digital published an advisory that discuses three NULL pointer dereference vulnerabilities in their EdgeRover application.

Western Digital Advisory #2 - Western Digital published an advisory that discusses 44 vulnerabilities in their My Cloud Home devices.

 

For more details on these disclosures, including links to third-party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-9bc  - [7-16-22 10:23 EDT, added link] subscription required. 

Review – Public ICS Disclosures – Week of 10-2-21

This week we have six vendor disclosures from Aruba Networks, Bosch, Lenze, ENDRESS+HAUSER, HPE (2), and WIBU. There is also one researcher report on products from Johnson Controls.

Aruba Advisory - Aruba published an advisory describing six vulnerabilities in their Aruba Instant Access Points product.

Bosch Advisory - Bosch published an advisory describing four vulnerabilities in their Rexroth IndraMotion MLC and IndraLogic XLC products.

Lenze Advisory - CERT-VDE published an advisory discussing three vulnerabilities in a range of products from Lenze.

ENDRESS+HAUSER Advisory - CERT-VDE published an advisory discussing a stack-based buffer overflow vulnerability in the ENDRESS+HAUSER Promass 83 product.

HPE Advisory #1 - HPE published an advisory describing two vulnerabilities in their NonStop SSL Toolkit.

HPE Advisory #2 - HPE published an advisory describing an arbitrary code execution vulnerability in their HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage Arrays products.

WIBU Advisory - WIBU published an advisory describing a denial-of-service vulnerability in their CodeMeter Runtime for Windows product.

Johnson Controls Report - Tenable published a report about two vulnerabilities in the Johnson Controls exacqVision products.

For more details about these advisories, including links to third-party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10 - subscription required.