Showing posts with label SEL. Show all posts

Sunday, May 18, 2025

Review – Public ICS Disclosures – Week of 5-10-25 – Part 2

This week for Part 2 we have 29 additional vendor disclosures from Mitsubishi, NI, Palo Alto Networks (11), Panasonic, Phoenix Contact, Rockwell Automation, SEL (3), Schneider (4), Siemens, Supermicro, VMware (2), and WatchGuard (2). Part 3 should be published on Tuesday.

Advisories

Mitsubishi Advisory - Mitsubishi published an advisory that describes an execution with unnecessary privilege vulnerability in their GENESIS64 and MC Works64 products.

NI Advisory - NI published an advisory that describes five vulnerabilities in their Circuit Design Suite.

PAN Advisory #1 - PAN published an advisory that discusses 16 vulnerabilities in their Prisma Access Browser products.

PAN Advisory #2 - PAN published an advisory that describes an improper check for unusual or exceptional conditions vulnerability in multiple Palo Alto Networks products.

PAN Advisory #3 - PAN published an advisory that describes an incorrect privilege assignment vulnerability in their MetaDefender Endpoint Security SDK product.

PAN Advisory #4 - PAN published an advisory that describes a missing authentication for critical function vulnerability in their Cortex XDR Broker VM product.

PAN Advisory #5 - PAN published an advisory that describes a cross-site scripting vulnerability in multiple Palo Alto Networks products.

PAN Advisory #6 - PAN published an advisory that describes a code injection vulnerability in their Cortex XDR Broker VM product.

PAN Advisory #7 - PAN published an advisory that describes an incorrect privilege assignment vulnerability in their GlobalProtect products.

PAN Advisory #8 - PAN published an advisory that describes a clear-text transmission of sensitive information vulnerability in multiple Palo Alto Networks products.

PAN Advisory #9 - PAN published an advisory that describes an improper neutralization of a script in a web page vulnerability in their Cloud NGFW and PAN-OS products.

PAN Advisory #10 - PAN published an advisory that describes an insufficient session expiration vulnerability in their Prisma Cloud Compute Edition product.

PAN Advisory #11 - PAN published an advisory that discusses 14 vulnerabilities in their PAN-OS product.

Panasonic Advisory - JP-CERT published an advisory that describes a missing protection mechanism for alternate hardware interface vulnerability in the Panasonic IR Control Hub.

Phoenix Contact Advisory - Phoenix Contact published an advisory that describes an allocation of resources without limits or throttling vulnerability in their Bus coupler for Axioline F and Inline Remote-I/O-system.

Rockwell Advisory - Rockwell published an advisory that discusses an improper restriction of XML external entity reference vulnerability in their FactoryTalk Historian-ThingWorx Connection Server.

SEL Advisory #1 - SEL published a software update notice that addressed cybersecurity issues for their SEL-5056 Software-Defined Network Flow Controller product.

SEL Advisory #2 - SEL published a software update notice that addressed cybersecurity issues for their SEL-5030 acSELerator QuickSet Software.

SEL Advisory #3 - SEL published a software update notice that addressed cybersecurity issues for their Flow Controller product.

Schneider Advisory #1 - Schneider published an advisory that describes an externally controlled reference to resource in another sphere vulnerability in their Modicon Controllers.

Schneider Advisory #2 - Schneider published an advisory that discusses a classic buffer overflow vulnerability in two of their Wiser home automation products.

Schneider Advisory #3 - Schneider published an advisory that discusses a classic buffer overflow vulnerability in PrismaSeT Active, wireless panel server.

Schneider Advisory #4 - Schneider published an advisory that discusses a missing authentication for critical function vulnerability in their Galaxy VS, VL, and VXL products.

Siemens Advisory - Siemens published an advisory that discusses a missing encryption of sensitive data vulnerability in their Siveillance Video product.

Supermicro Advisory - Supermicro published an advisory that discusses five vulnerabilities (one with publicly available exploits) in 16 separate Supermicro product lines.

VMware Advisory #1 - Broadcom published an advisory that describes a cross-site scripting vulnerability in the VMware Aria automation product.

VMware Advisory #2 - Broadcom published an advisory that describes a link following vulnerability in the VMware Tools product.

WatchGuard Advisory #1 - WatchGuard published an advisory that describes a cross-site scripting vulnerability in their Firebox product (Fireware OS).

WatchGuard Advisory #2 - WatchGuard published an advisory that describes a cross-site scripting vulnerability in their Firebox product (Fireware OS).

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-90e - subscription required.

Saturday, April 26, 2025

Review – Public ICS Disclosures – Week of 4-19-25 – Part 1

This week we have 18 vendor disclosures from Bosch, Broadcom, CODESYS, Hitachi (3), HPE (6), Milestone, Mitsubishi, Philips (2), and SEL (2).

Advisories

Bosch Advisory - Bosch published an advisory that describes 15 vulnerabilities in their ctrlX OS product.

Broadcom Advisory - Broadcom published an advisory that discusses an improper isolation or compartmentalization vulnerability in multiple Broadcom products.

CODESYS Advisory - CODESYS published an advisory that describes a forced browsing vulnerability in multiple CODESYS products.

Hitachi Advisory #1 - Hitachi published an advisory that discusses three vulnerabilities (one with publicly available exploit) in their JP1/Automatic Operation products.

Hitachi Advisory #2 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Ops Center Common Services within Hitachi Ops Center OVA.

Hitachi Advisory #3 - Hitachi published an advisory that describes a use of default credentials vulnerability in Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF.

HP Advisory - HP published an advisory that discusses two vulnerabilities in multiple HP products.

HPE Advisory #1 - HPE published an advisory that discusses five vulnerabilities (3 with publicly available exploits, one listed in CISA’s KEV catalog) in their Telco Unified OSS Console.

HPE Advisory #2 - HPE published an advisory that discusses four vulnerabilities (one with publicly available exploit) in their Superdome Flex 280 and Compute Scale-up Server 3200 platforms.

HPE Advisory #3 - HPE published an advisory that discusses an OS command injection vulnerability in their SAN Switches with Brocade Fabric OS.

HPE Advisory #4 - HPE published an advisory that discusses 13 vulnerabilities in their Telco Network Function Virtualization Orchestrator Software.

HPE Advisory #5 - HPE published an advisory that discusses a deserialization of untrusted data vulnerability (listed in CISA’s KEV catalog) in their Telco Service Orchestrator.

HPE Advisory #6 - HPE published an advisory that discusses three vulnerabilities in their Telco Service Activator.

Milestone Advisory - Milestone published an advisory that describes a missing encryption of sensitive data vulnerability in their XProtect installer.

Mitsubishi Advisory - Mitsubishi published an advisory that describes an improper validation of specified quantity in input vulnerability in multiple FA products.

Philips Advisory #1 - Philips published an advisory that discusses five Apple vulnerabilities.

Philips Advisory #2 - Philips published an advisory that discusses two Google Chrome vulnerabilities.

SEL Advisory #1 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5702 Synchrowave Operations product.

SEL Advisory #2 - SEL published a software update notice that includes cybersecurity enhancements for their Blueframe OS.


For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-83e - subscription required.

Saturday, April 19, 2025

Review – Public ICS Disclosures – Week of 4-12-25

This week we have 14 vendor disclosures from ads-tech, Broadcom, Delta Electronics, GE Vernova (2), HP, HPE (2), Philips, Rockwell Automation, SEL (3), and WAGO. There are two vendor updates from Broadcom and Siemens. We also have three researcher reports for vulnerabilities in products from Eclipse. Finally, we have two exploits for products from Ruckus and FortiGuard.

Advisories

Ads-tech Advisory - CERT-VDE published an advisory that discusses three vulnerabilities (two with publicly available exploits) in the ads-tech IRF products.

Broadcom Advisory - Broadcom published an advisory that describes an input validation vulnerability in multiple Brocade products.

Delta Advisory - Delta published an advisory that describes three vulnerabilities in their ISPsoft product.

GE Advisory #1 - GE Vernova published an advisory that discusses four vulnerabilities in their NetworkST4 devices and Remote Operations Offering products.

GE Advisory #2 - GE Vernova published an advisory that discusses three vulnerabilities (all three listed in CISA’s KEV catalog) in unspecified GE products.

HP Advisory - HP published an advisory that describes a link following vulnerability in their Touchpoint Analytics Service.

HPE Advisory #1 - HPE published an advisory that describes an unauthorized access vulnerability in their Performance Cluster Manager.

HPE Advisory #2 - HPE published an advisory that describes an unauthorized access vulnerability in their Cray Data Virtualization Service.

Philips Advisory - Philips published an advisory that discusses a use after free vulnerability (with publicly available exploit) in multiple Philips products.

Rockwell Advisory - Rockwell published an advisory that describes two vulnerabilities in their ThinManager product.

SEL Advisory #1 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5032 acSELerator Architect Software.

SEL Advisory #2 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5702 Synchrowave Operations product.

SEL Advisory #3 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5231 SEL Configuration API.

WAGO Advisory - CERT-VDE published an advisory that discusses the Year 2038 problem.

Updates

Broadcom Update - Broadcom published an update for their Fabric OS advisory that was originally published on September 26th, 2034, and most recently updated on February 27th, 2025.

Siemens Update - Siemens published an update for their Industrial Edge Device Kit advisory that was originally published on April 8th, 2025.

Researcher Reports

Eclipse Reports - Cisco Talos published three reports about individual vulnerabilities in the Eclipse ThreadX NetX Duo HTTP server.

Exploits

Ruckus Exploit - Korelogic published an exploit for an undocumented backdoor vulnerability in the Ruckus IoT Controller.

FortiGuard Exploit - Zach Hanley published a Metasploit module for an improper authentication vulnerability (listed in CISA’s KEV catalog) in multiple FortiGuard products.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-971 - subscription required.

Saturday, April 5, 2025

Review – Public ICS Disclosures – Week of 3-29-25 – Part 1

This week we have 18 vendor disclosures from Honeywell (3), HP, HPE, Inaba Denki Sangyo (2), JTEKT (2), Meinberg, PcVue, Philips (3), and SEL (4).

Advisories

Honeywell Advisory #1 - Honeywell published an end-of-life notice for their PWLP Mercury Series 3/LP Series Intelligent Controllers.

Honeywell Advisory #2 - Honeywell published an end-of-life notice for their 30 Series 5MP Fisheye Camera.

Honeywell Advisory #3 - Honeywell published an end-of-life notice for their VMS R670 & R700 / NVR6.7 & R7.0.

HP Advisory - HP published an advisory that discusses three vulnerabilities in multiple HP products.

HPE Advisory - HPE published an advisory that describes two vulnerabilities (one with publicly available exploit) in their Aruba Networking Virtual Intranet Access (VIA) Client.

IDS Advisory - JP-CERT published an advisory that describes eight vulnerabilities in the IDS Wi-Fi AP UNIT 'AC-WPS-11ac series'.

JTEKT Advisory #1 - JTEKT published an advisory that describes six vulnerabilities in their HMI View Jet C-more series.

JTEKT Advisory #2 - JTEKT published an advisory that describes two vulnerabilities in their HMI GC-A2 series.

Meinberg Advisory - Meinberg published an advisory that discusses five vulnerabilities in their Lantime product.

PcVue Advisory - PcVue published an advisory that discusses a NULL pointer dereference vulnerability in their IEC 61850 client driver and the ICCP client add-on in PcVue.

Philips Advisory #1 - Philips published an advisory that discusses an authorization bypass (CVE-2025-29927) that affects Next.js.

Philips Advisory #2 - Philips published an advisory that discusses a Chromium sandbox escape vulnerability that is listed in the CISA Known Exploited Vulnerabilities catalog.

Philips Advisory #3 - Philips published an advisory that discusses a recent Oracle Health data breach.

SEL Advisory #1 - SEL published a software update notice that reports cybersecurity upgrades in their SEL-5052 Server Software.

SEL Advisory #2 - SEL published a software update notice that reports cybersecurity upgrades in their SEL Compass product.

SEL Advisory #3 - SEL published a software update notice that reports cybersecurity upgrades in their SEL-5030 acSELerator QuickSet Software.

SEL Advisory #4 - SEL published a software update notice that reports cybersecurity upgrades in their SEL-5033 acSELerator RTAC Software.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-81f - subscription required.

Sunday, March 16, 2025

Review – Public ICS Disclosures – Week of 3-8-25 – Part 2

For Part 2 we have three additional vendor disclosures from SEL, Sick, and Zyxel. There are also 21 vendor updates for products from Broadcom, HP, HPE, Schneider (2), and Siemens (16). Finally, we have six exploits for vulnerabilities in products from ABB (2), Foundstone, GE, WinTr, and Yokogawa.

Advisories

SEL Advisory - SEL published an update notice for their SEL-5032 acSELerator Architect Software that included a cybersecurity enhancement.

Sick Advisory - Sick published an advisory that describes three vulnerabilities in their SICK DL100-2xxxxxxx.

Zyxel Advisory - Zyxel published an advisory that describes three OS command injection vulnerabilities in multiple Zyxel product lines.

Updates

Broadcom Update - Broadcom published an update for their Brocade ASCG Vulnerability advisory that was originally published on January 7th, 2025, and most recently updated on February 27th, 2025.

HP Update - HP published an update for their HP LaserJet Pro advisory that was originally published on February 14th, 2025.

HPE Update - HPE published an update for their Aruba Networking Access Points advisory that was originally published on August 3rd, 2024, and most recently updated on August 15th, 2024.

Schneider Update #1 - Schneider published an update for their Modicon M241 advisory that was originally published on December 10th, 2024.

Schneider Update #2 - Schneider published an update for their EcoStruxure Power Monitoring Expert advisory that was originally published on October 8th, 2024.

Siemens Update #1 - Siemens published an update for their User Management Component advisory that was originally published on December 16th, 2024.

Siemens Update #2 - Siemens published an update for their SIMATIC S7-1500 advisory that was originally published on October 8th, 2024, and most recently updated on January 14th, 2025.

Siemens Update #3 - Siemens published an update for their Fortigate NGFW advisory that was originally published on March 12th, 2024, and most recently updated on February 11th, 2025.

Siemens Update #4 - Siemens published an update for their Fortigate NGFW advisory that was originally published on February 11th, 2025.

Siemens Update #5 - Siemens published an update for their SIPROTEC 5 advisory that was originally published on February 11th, 2025.

Siemens Update #6 - Siemens published an update for their Radius Protocol advisory that was originally published on July 9th, 2024, and most recently updated on January 14th, 2025.

Siemens Update #7 - Siemens published an update for their Radius Protocol advisory that was originally published on July 9th, 2024, and most recently updated on January 14th, 2025.

Siemens Update #8 - Siemens published an update for their SegmentSmack advisory that was originally published on April 14th, 2020, and most recently updated on January 14th, 2025.

Siemens Update #9 - Siemens published an update for their DHCP Client advisory that was originally published on November 12th, 2019, and most recently updated on February 13th, 2024.

Siemens Update #10 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on December 12th, 2022, and most recently updated on February 11th, 2025.

Siemens Update #11 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on April 9th, 2024, and most recently updated on February 11th, 2025.

Siemens Update #12 - Siemens published an update for their Nucleus RTOS advisory that was originally published on April 13th, 2021, and most recently updated on February 13th, 2023.

Siemens Update #13 - Siemens published an update for their SIMATIC Products Webserver advisory that was originally published on February 11th, 2025.

Siemens Update #14 - Siemens published an update for their SIPROTEC 5 Webserver advisory that was originally published on January 14th, 2025, and most recently updated on February 11th, 2025.

Siemens Update #15 - Siemens published an update for their SIMATIC S7-1500 CPUs Webserver advisory that was originally published on October 8th, 2024, and most recently updated on January 14th, 2025.

Siemens Update #16 - Siemens published an update for their User Management Component advisory that was originally published on September 10th, 2024, and most recently updated on January 14th, 2025.

Exploits

ABB Exploit #1 - Indoushka published an exploit for two vulnerabilities in the ABB AC500.

ABB Exploit #2 - Indoushka published an exploit for a shell upload vulnerability in the ABB Cylon Aspect.

Foundstone Exploit - Ahmet Ümit Bayram published an exploit for a buffer overflow vulnerability in the Foundstone SuperScan product.

GE Proficy Exploit - Indoushka published an exploit for a directory traversal vulnerability in the GE Proficy Cimplicity 7 product.

VMware Exploit - Indoushka published an exploit for an ASP.NET misconfiguration: use of identity impersonation vulnerability in the VMware vCenter Server product.

WinTR Exploit - Ahmet Ümit Bayram published an exploit for a command injection vulnerability in the WinTR Scada product.

Yokogawa Exploit - Indoushka published an exploit for an improper restriction of operation within the bounds of a memory buffer vulnerability in the Yokogawa CENTUM CS 3000.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-fdf - subscription required.

Sunday, March 2, 2025

Review – Public ICS Disclosures – Week of 2-21-25 – Part 2

For Part 2 we have five additional vendor disclosures from Planex Communications, SEL (2), Sick, and Sierra Wireless. There are also eight vendor updates from Broadcom (4), Dell, Hitachi Energy, HPE, and Sick. There is a researcher report for vulnerabilities in products from Siemens. Finally, we have an exploit for products from FortiGuard.

Advisories

Planex Advisory - JP-CERT published an advisory that describes two vulnerabilities in the Planex Wireless LAN routers.

SEL Advisory #1 - SEL published a software update notice that included cybersecurity enhancements to fix six third-party vulnerabilities (one with publicly available exploit) for their SEL-3350 product.

SEL Advisory #2 - SEL published a software update notice that included cybersecurity enhancements to fix three third-party vulnerabilities for their SEL-3355-2 and SEL-3360-2 products.

Sick Advisory - Sick published an advisory that describes two vulnerabilities in their Lector8xx and InspectorP8xx products.

Sierra Wireless Advisory - Semtech published an advisory that discusses the 5Ghoul vulnerabilities in their EM919x and EM929x cellular modules.

Updates

Broadcom Update #1 - Broadcom published an update for their Brocade Fabric OS advisory that was originally published on September 26th, 2024, and most recently updated on January 7th, 2025.

Broadcom Update #2 - Broadcom published an update for their Brocade SANnav advisory that was originally published on October 14th, 2024, and most recently updated on February 13th, 2024.

Broadcom Update #3 - Broadcom published an update for their Brocade ASCG advisory that was originally published on January 7th, 2025, and most recently updated on February 13th, 2025.

Broadcom Update #4 - Broadcom published an update for their compromised container advisory that was originally published on October 14th, 2024.

Dell Update - Dell published an update for their ThinOS advisory that was originally published on September 9th, 2024.

Hitachi Energy Update - Hitachi Energy published an update for their Relion 670/650/SAM600-IO series advisory that was originally published on November 4th, 2021, and most recently updated on March 14th, 2023.

HPE Update - HPE published an update for their ProLiant DL/ML advisory that was originally published on February 11th, 2025.

Sick Update - Sick published an update for their MEAC300 advisory that was originally published on February 14th, 2025.

Researcher Reports

Siemens Report - SEC Consult published a report describing two vulnerabilities in the Siemens A8000 CP-8050 and CP-8031 PLCs.

Exploits

FortiGuard Exploit - Indoushka published an exploit for a code execution vulnerability in the FortiGuard FortiManager product.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-ef6 - subscription required.

Sunday, February 2, 2025

Review – Public ICS Disclosures – Week of 1-25-25 – Part 2

For Part 2 we have nine additional vendor disclosures from NI, Philips, Rockwell (2), QNAP, SEL, SMA Solar Technology (2), and VMware. There are eight vendor updates from FortiGuard (3), HP (4), and Palo Alto Networks. Finally, we have a researcher report for vulnerabilities in products from Wind River.

Advisories

NI Advisory - NI published an advisory that describes a dependency on vulnerable third-party component vulnerability in multiple NI products.

Philips Advisory - Philips published an advisory that discusses two recent 7-ZIP vulnerabilities (CVE-2024-11477 and CVE-2025-0411).

Rockwell Advisory #1 - Rockwell published an advisory that describes an improper handling of exceptional conditions vulnerability in their GuardLogix products.

Rockwell Advisory #2 - Rockwell published an advisory that describes a cleartext transmission of sensitive information vulnerability in their PowerFlex 755 product.

QNAP Advisory - QNAP published an advisory that discusses a ClamAV heap-based buffer overflow vulnerability.

SEL Advisory - SEL published a software update notice for their Blueframe Resource Communication Services that reports a cybersecurity enhancement.

SMA Advisory #1 - CERT-VDE published an advisory that describes a cross-site request forgery vulnerability in the SMA Cluster Controller.

SMA Advisory #2 - CERT-VDE published an advisory that describes an improper restriction of rendered UI layers or frames vulnerability in the SMA Sunny Webbox.

VMware Advisory - Broadcom published an advisory that describes five vulnerabilities in the VMware Aria Operations for Logs and VMware Aria Operations updates.

Updates

FortiGuard Update #1 - FortiGuard published an update for their unchecked boundary length advisory that was originally published on January 14th, 2025, and most recently updated on January 22nd.

FortiGuard Update #2 - FortiGuard published an update for their improper access control advisory that was originally published on February 22nd, 2024.

FortiGuard Update #3 - FortiGuard published an update for their OS command injection advisory that was originally published on October 10th, 2023.

HP Update #1 - HP published an update for their Plantronics Hub advisory that was originally published on December 20th, 2023, and most recently updated on September 11th, 2024.

HP Update #2 - HP published an update for their NVIDIA GPU Display Driver advisory that was originally published on September 6th, 2024.

HP Update #3 - HP published an update for their NVIDIA GPU Display Driver advisory that was originally published on July 1st, 2024.

HP Update #4 - HP published an update for their Intel 2024.3 IPU advisory that was originally published on October 17, 2024, and most recently updated on January 15th, 2025.

Palo Alto Networks Update - Palo Alto Networks published an update for their PAN-OS BIOS and Bootloader advisory that was originally published on January 23rd, 2025.

Researcher Reports

Wind River Report - SEC Consult published a report that describes two weak password hash algorithm vulnerabilities in the Wind River VxWorks products.

 

For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-964 - subscription required.

Saturday, December 14, 2024

Review – Public ICS Disclosures – Week of 12-7-24 – Part 1

This week we have 32 vendor disclosures from HP, HPE (12), Palo Alto Networks, Phoenix Contact (2), QNAP (3), Schneider (3), SEL, SICK, Splunk (7), and Supermicro.

Advisories

HP Advisory - HP published an advisory that describes an uncaught exception vulnerability in multiple business computers.

HPE Advisory #1 - HPE published an advisory that describes two vulnerabilities (one with multiple publicly available exploits) in their Aruba Networking AirWave Management Platform.

HPE Advisory #2 - HPE published an advisory that discusses an improper FSM in hardware logic vulnerability in their SimpliVity Servers.

HPE Advisory #3 - HPE published an advisory that discusses an incorrect order behavior vulnerability in the SimpliVity Servers.

HPE Advisory #4 - HPE published an advisory that discusses four vulnerabilities in their SimpliVity Servers.

HPE Advisory #5 - HPE published an advisory that discusses an improper FSM in hardware logic vulnerability in their SimpliVity Servers.

HPE Advisory #6 - HPE published an advisory that discusses two vulnerabilities in their SimpliVity Servers.

HPE Advisory #7 - HPE published an advisory that discusses an insufficient control flow management vulnerability in their SimpliVity Servers.

HPE Advisory #8 - HPE published an advisory that discusses two vulnerabilities in their SimpliVity Servers.

HPE Advisory #9 - HPE published an advisory that discusses a code injection vulnerability in their SimpliVity AMD Servers.

HPE Advisory #10 - HPE published an advisory that discusses a sensitive information in resource not removed before reuse vulnerability in their SimpliVity Servers.

HPE Advisory #11 - HPE published an advisory that discusses an observable discrepancy vulnerability in their SimpliVity Servers.

HPE Advisory #12 - HPE published an advisory that discusses four vulnerabilities in their Telco Service Orchestrator.

Palo Alto Networks Advisory - Palo Alto Networks published an advisory that discusses two type confusion vulnerabilities in their Prisma Access Browser.

Phoenix Contact Advisory #1 - Phoenix Contact published an advisory that discusses six vulnerabilities (one with publicly available exploit) in their PLCNext products.

Phoenix Contact Advisory #2 - Phoenix Contact published an advisory that discusses 63 vulnerabilities in their PLCNext products.

QNAP Advisory #1 - QNAP published an advisory that describes a link following vulnerability in their Qsync Central product.

QNAP Advisory #2 - QNAP published an advisory that describes eight vulnerabilities in their QTS and QuTS hero products that were reported during a recent PWN-to-OWN competition.

QNAP Advisory #3 - QNAP published an advisory that describes an OS command injection vulnerability in their License Center product.

Schneider Advisory #1 - Schneider published an advisory that describes an improper authentication vulnerability in their PowerChute Serial Shutdown product.

Schneider Advisory #2 - Schneider published an advisory that describes a use of unmaintained third-party components vulnerability in their Harmony HMI and Pro-face HMI products.

Schneider Advisory #3 - Schneider published an advisory that describes an improper input validation vulnerability in their Modicon controllers.

SEL Advisory - SEL published a version update notice for their SEL-5037 SEL Grid Configurator that reported a cybersecurity enhancement.

SICK Advisory - SICK published an advisory that describes six vulnerabilities in their InspectorP61x, InspectorP62x and TiM3xx products.

Splunk Advisory #1 - Splunk published an advisory that discusses an exposure of sensitive information vulnerability in their Universal Forwarder.

Splunk Advisory #2 - Splunk published an advisory that discusses 11 vulnerabilities in their Enterprise product.

Splunk Advisory #3 - Splunk published an advisory that describes a deserialization of untrusted data vulnerability in their Secure Gateway app.

Splunk Advisory #4 - Splunk published an advisory that describes a cleartext transmission of sensitive information vulnerability in their Enterprise product SPL commands.

Splunk Advisory #5 - Splunk published an advisory that describes an exposure of sensitive information to unauthorized actor vulnerability in their Enterprise product.

Splunk Advisory #6 - Splunk published an advisory that describes an exposure of sensitive information to unauthorized actor vulnerability in their Enterprise product.

Splunk Advisory #7 - Splunk published an advisory that describes an exposure of sensitive information to unauthorized actor vulnerability in their Enterprise product.

Supermicro Advisory - Supermicro published an advisory that describes a memory address aliasing vulnerability in their EPYC 3rd and 4th Gen Processors.

 

For more information on these advisories, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-12-2f8 - subscription required.

Sunday, November 17, 2024

Review – Public ICS Disclosures – Week of 11-9-24 – Part 2

For Part 2 this week we have 40 additional vendor disclosures from HPE (19), Insyde, Meinberg, Milestone, Palo Alto Networks (9), SEL, Schneider (4), Westermo (3), and Zyxel.

Advisories

HPE Advisory #1 - HPE published an advisory that describes an unauthorized file access vulnerability in their Cray Data Virtualization Service (DVS). 

HPE Advisory #2 - HPE published an advisory that describes an unauthorized file access vulnerability in their Cray Data Virtualization Service (DVS).

HPE Advisory #3 - HPE published an advisory that discusses an improper access control vulnerability in their Cray ClusterStor Data Services.

HPE Advisory #4 - HPE published an advisory that discusses nine vulnerabilities in their HP-UX Using OpenSSL.

HPE Advisory #5 - HPE published an advisory that discusses five vulnerabilities in their Unified OSS Console.

HPE Advisory #6 - HPE published an advisory that discusses a privilege escalation vulnerability in their Ethernet Adapters Using Intel Ethernet Adapter Complete Driver Pack.

HPE Advisory #7 - HPE published an advisory that discusses a sensitive information in resource not removed before reuse vulnerability in their ProLiant DL/ML, Alletra, Synergy, and Edgeline Servers.

HPE Advisory #8 - HPE published an advisory that discusses an improper FSM in hardware logic vulnerability in their HPE ProLiant DL/ML, Alletra, Synergy, and Edgeline Servers.

HPE Advisory #9 - HPE published an advisory that discusses an insufficient flow control management vulnerability in their ProLiant DL/ML, Alletra, Synergy, and Edgeline Servers.

HPE Advisory #10 - HPE published an advisory that discusses a denial of service vulnerability in their StoreEasy Servers.

HPE Advisory #11 - HPE published an advisory that discusses two vulnerabilities in their HPE StoreEasy servers.

HPE Advisory #12 - HPE published an advisory that discusses two vulnerabilities in their ProLiant DL/ML, Alletra, Synergy, and Edgeline servers.

HPE Advisory #13 - HPE published an advisory that discusses two vulnerabilities in their ProLiant DL/ML, Alletra, Synergy, and Edgeline Servers.

HPE Advisory #14 - HPE published an advisory that discusses five out-of-bounds write vulnerabilities in their HP-UX NTP Software.

HPE Advisory #15 - HPE published an advisory that discusses 10 vulnerabilities (3 have publicly available exploits) in their Telco IP Mediation Application.

HPE Advisory #16 - HPE published an advisory that discusses two vulnerabilities in their StoreEasy Servers.

HPE Advisory #17 - HPE published an advisory that discusses a sensitive information in resource not removed before reuse vulnerability in their StoreEasy Servers.

HPE Advisory #18 - HPE published an advisory that discusses an improper FSM in hardware logic vulnerability in their StoreEasy Servers.

HPE Advisory #19 - HPE published an advisory that discusses the PixieFail vulnerabilities in their Cray Servers.

Insyde Advisory - Insyde published an advisory that describes a factory reset vulnerability in their IHISI function.

Meinberg Advisory - Meinberg published an advisory that describes three vulnerabilities in their Lantime product.

Milestone Advisory - Milestone published an advisory that discusses a clear-text transmission of sensitive information vulnerability in their SQL Client.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that discusses 20 vulnerabilities in their Prisma Access Browser.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that describes a cross-site scripting vulnerability in their PAN-OS product.

Palo Alto Networks Advisory #3 - Palo Alto Networks published an advisory that describes a NULL pointer dereference vulnerability in their GlobalProtect Gateway product.

Palo Alto Networks Advisory #4 - Palo Alto Networks published an advisory that describes a NULL pointer dereference vulnerability in multiple firewall products.

Palo Alto Networks Advisory #5 - Palo Alto Networks published an advisory that describes a path traversal vulnerability in multiple Palo Alto Networks products.

Palo Alto Networks Advisory #6 - Palo Alto Networks published an advisory that describes a server-side request forgery vulnerability in multiple Palo Alto Networks products.

Palo Alto Networks Advisory #7 - Palo Alto Networks published an advisory that describes an improper certificate validation vulnerability in multiple Palo Alto Networks products.

Palo Alto Networks Advisory #8 - Palo Alto Networks published an advisory that describes an improper restriction of XML external entity reference vulnerability in multiple Palo Alto Networks products.

Palo Alto Networks Advisory #9 - Palo Alto Networks published an advisory that describes a NULL pointer dereference vulnerability in multiple Palo Alto Networks products.

SEL Advisory - SEL published a new version notice for their SEL-5037 SEL Grid Configurator that describes a security enhancement.

Schneider Advisory #1 - Schneider published an advisory that describes an uncontrolled resource consumption vulnerability in their PowerLogic PM5300 series products.

Schneider Advisory #2 - Schneider published an advisory that describes two vulnerabilities in their Modicon Controllers.

Schneider Advisory #3 - Schneider published an advisory that describes three vulnerabilities in their Modicon Controllers.

Schneider Advisory #4 - Schneider published an advisory that describes a missing authorization vulnerability in their EcoStruxure IT Gateway.

Westermo Advisory #1 - Westermo published an advisory that discusses two vulnerabilities (with publicly available exploit code) in their WeOS product.

Westermo Advisory #2 - Westermo published an advisory that describes a stack-based overflow vulnerability in their WeOS product.

Westermo Advisory #3 - Westermo published an advisory that discusses two vulnerabilities (one with publicly available exploits) in their WeOS product.

Zyxel Advisory - Zyxel published an advisory that describes two vulnerabilities in their GS1900 series switches.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-96b - subscription required.

Saturday, November 9, 2024

Review – Public ICS Disclosures – Week of 11-2-24

This week we have 13 vendor disclosures from Cisco, Hitachi (2), HPE (3), Moxa, Palo Alto Networks (2), QNAP, SEL, Sick, and WatchGuard. We have a vendor update from FortiGuard. Finally, we have 11 researcher reports for vulnerabilities in products from ABB and Delta Electronics (10).

Advisories

Cisco Advisory - Cisco published an advisory that describes a command injection vulnerability in their Unified Industrial Wireless Software.

Hitachi Advisory #1 - Hitachi published an advisory that discusses four vulnerabilities in multiple Hitachi products.

Hitachi Advisory #2 - Hitachi published an advisory that discusses four vulnerabilities in their Cosminexus Developer's Kit for Java and Hitachi Developer's Kit products.

HPE Advisory #1 - HPE published an advisory that discusses the regreSSHion vulnerability. HPE provides a list of Cray products affected by the vulnerability.

HPE Advisory #2 - HPE published an advisory that discusses seven vulnerabilities (one with publicly available exploit) in their Unified OSS Console Assurance Monitoring (UOCAM) Software.

HPE Advisory #3 - HPE published an advisory that describes six vulnerabilities in their Aruba Networking Access Points.

Moxa Advisory - Moxa published an advisory that describes three vulnerabilities in their EDS-P510 Series products.

Palo Alto Networks Advisory #1 - Palo Alto Networks published an advisory that discusses 77 vulnerabilities in their Cortex XDR agent product.

Palo Alto Networks Advisory #2 - Palo Alto Networks published an advisory that discusses a claim of a remote code execution vulnerability via the PAN-OS management interface.

QNAP Advisory - QNAP published an advisory that describes an unidentified vulnerability in their QuRouter.

SEL Advisory - SEL published a new version notice for their Blueframe OS that reports that the latest version resolves two cybersecurity issues.

Sick Advisory - Sick published an advisory that discusses 10 vulnerabilities in their CDE-100 product. These are third-party vulnerabilities.

WatchGuard Advisory - WatchGuard published an advisory that describes an improper privilege management vulnerability in their Endpoint Protection product family.

Updates

FortiGuard Update - FortiGuard published an update for their FortiManager fgfmd daemon advisory that was originally published on October 23rd, 2024, and most recently updated on November 5th, 2024.

Researcher Reports

ABB Report - Zero Science published a report of an off-by-one error vulnerability (with publicly available exploit) in the ABB Cylon Aspect building energy management product.

Delta Reports - Zero Day Initiative published 10 reports describing vulnerabilities in the Delta DIAScreen, a component of the DIAStudio Smart Machine Suite.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-062 - subscription required.

Sunday, October 20, 2024

Review – Public ICS Disclosures – Week of 10-12-24 – Part 2

For Part 2 we have 18 additional vendor disclosures from Moxa, SEL (2), Splunk (13), TAI Smart Factory, and VMware. There are also four vendor updates from FortiGuard (2), Mitsubishi Electric, and Palo Alto Networks. There are also two researcher reports for vulnerabilities in products from ABB and Rittal. Finally, we have an exploit for products from WatchGuard.

Advisories

Moxa Advisory - Moxa published an advisory that describes two vulnerabilities in their Cellular Routers, Secure Routers, and Network Security Appliances.

SEL Advisory #1 - SEL published a new version notice that describes cybersecurity enhancements for their SEL-5703 Synchrowave Monitoring product.

SEL Advisory #2 - SEL published a new version notice that describes cybersecurity enhancements for their SEL-5702 Synchrowave Operations product.

Splunk Advisory #1 - Splunk published an advisory that describes an arbitrary file write vulnerability in their Enterprise for Windows product.

Splunk Advisory #2 - Splunk published an advisory that describes a missing authorization vulnerability in their SplunkDeploymentServerConfig app.

Splunk Advisory #3 - Splunk published an advisory that describes a deserialization of untrusted data vulnerability in their Enterprise on Windows product.

Splunk Advisory #4 - Splunk published an advisory that describes an improper access control vulnerability in their Classic Dashboard product.

Splunk Advisory #5 - Splunk published an advisory that describes an improper access control vulnerability in their Secure Gateway App.

Splunk Advisory #6 - Splunk published an advisory that describes an uncontrolled resource consumption vulnerability in their Daemon product.

Splunk Advisory #7 - Splunk published an advisory that describes a cross-site request forgery vulnerability in their Enterprise and Cloud Platform products.

Splunk Advisory #8 - Splunk published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Enterprise product.

Splunk Advisory #9 - Splunk published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Enterprise product.

Splunk Advisory #10 - Splunk published an advisory that describes a cross-site scripting vulnerability in their Enterprise product.

Splunk Advisory #11 - Splunk published an advisory that describes a cross-site scripting vulnerability in their Enterprise product.

Splunk Advisory #12 - Splunk published an advisory that discusses 68 vulnerabilities in their Enterprise product.

Splunk Advisory #13 - Splunk published an advisory that discusses four vulnerabilities (one with publicly available exploit) in their Add-on for Office 365 product.

TAI Advisory - Incibe-CERT published an advisory that describes an SQL injection vulnerability in the TAI Smart Factory's QPLANT plant data management product.

VMware Advisory - Broadcom published an advisory that describes an SQL injection vulnerability in their HCX product.

Updates

FortiGuard Update #1 - FortiGuard published an update for their regreSSHion advisory that was originally published on July 9th, 2024, and most recently updated on September 11th, 2024.

FortiGuard Update #2 - FortiGuard published an update for their Format String Bug that was originally published on February 8th, 2024, and most recently updated on October 11th, 2024.

Mitsubishi Update - Mitsubishi published an update for their GENESIS64 advisory that was originally published on June 27th, 2024.

Palo Alto Networks Update - Palo Alto Networks published an update for their Firewall Denial of Service advisory that was originally published on October 9th, 2024.

Researcher Reports

ABB Reports - Zero Science published five reports about individual vulnerabilities (with publicly available exploits) in the ABB Cylon Aspect building management product.

Rittal Report - SEC Consult published a report that describes three vulnerabilities in the Rittal IoT Interface & CMC III Processing Unit.

Exploits

WatchGuard Exploit - Indoushka published an exploit for a buffer overflow vulnerability in the WatchGuard XTM Firebox.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-7cf - subscription required.

Saturday, October 5, 2024

Review – Public ICS Disclosures – Week of 9-28-24

This week we have 13 vendor disclosures from Bosch (2), Cisco, DrayTek (2), Hitachi, HP, JTEKT, QNAP, SEL (2), Splunk, Westermo, and WithSecure. We have two vendor updates from Dell. Finally, we have two exploits for products from ABB and Blackberry.

Advisories

Bosch Advisory #1 - Bosch published an advisory that describes a sensitive information disclosure vulnerability in their Configuration Manager.

Bosch Advisory #2 - Bosch published an advisory that discusses three vulnerabilities in their PRC7000 product.

Cisco Advisory - Cisco published an advisory that describes two vulnerabilities in their Small Business Dual WAN Gigabit VPN Routers.

DrayTek Advisory #1 - DrayTek published an advisory that describes 14 vulnerabilities (with exploits available) in multiple Vigor routers.

DrayTek Advisory #2 - DrayTek published an advisory that describes seven classic buffer overflow vulnerabilities in multiple Vigor routers.

Hitachi Advisory - Hitachi published an advisory that discusses an improper input validation vulnerability in their Cosminexus Component Container.

HP Advisory - HP published an advisory that describes an escalation of privilege vulnerability in their business notebook PCs.

QNAP Advisory - QNAP published an advisory that discusses the CUPS vulnerabilities.

SEL Advisory #1 - SEL published a new version notice for their SEL-5030 acSELerator QuickSet Software that includes a description of a cybersecurity enhancement.

SEL Advisory #2 - SEL published a new version notice for their SEL-5813 Backup and Recovery Tool (BaRT) that includes a description of a cybersecurity enhancement.

Splunk Advisory - Splunk published an advisory that discusses four vulnerabilities in their Add-on for Amazon Web Services.

Westermo Advisory - Westermo published an advisory that describes a session hijacking vulnerability in their IbexOS Web Interface.

WithSecure Advisory - WithSecure published an advisory that describes a denial-of-service vulnerability in their Atlant Product.

Updates

Dell Update #1 - Dell published an update for their ThinOS advisory that was originally published on September 9th, 2024, and most recently updated on September 18th, 2024. The

Dell Update #2 - Dell published an update for their ThinOS advisory that was originally published on June 12th, 2024, and most recently updated on September 9th, 2024.

Exploits

ABB Exploit - LiquidWorm published an exploit for a file disclosure vulnerability in the ABB Cylon Aspect.

Blackberry Exploit - SEC Consult published an exploit for an uninstall password bypass vulnerability in the Blackberry CylanceOPTICS product.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-d4d - subscription required.

Saturday, September 28, 2024

Review – Public ICS Disclosures – Week of 9-21-24

This week we have 17 vendor disclosures from Broadcom (2), Cisco, GE Vernova, HPE (5), Palo Alto Networks, SEL, SICK, WatchGuard (3), Western Digital, and Zyxel. There are also 3 updates from CODESYS, ELECOM, and HPE. We also have 6 researcher reports for products from ABB (4), Blackberry, and Linear Solutions. Finally, we have 3 exploits for products from BlackNET, Positron, and Texas Instruments.

Advisories

Broadcom Advisory #1 - Broadcom published an advisory that discusses the Blast-Radius vulnerability.

Broadcom Advisory #2 - Broadcom published a version release notice for their Brocade Fabric OS that lists the previously disclosed vulnerabilities that are corrected in the latest version.

Cisco Advisory - Cisco published an advisory that describes an improper access control vulnerability in their Industrial Ethernet 4000, 4010, and 5000 Series Switches.

GE Vernova Advisory - GE published an advisory that describes two vulnerabilities in their WorkstationST products.

HPE Advisory #1 - HPE published an advisory that discusses the regreSSHion vulnerability in their HPE Superdome Flex and Superdome Flex 280 servers.

HPE Advisory #2 - HPE published an advisory that describes three command injection vulnerabilities in their Aruba Access Points products.

HPE Advisory #3 - HPE published an advisory that describes a cross-site request forgery vulnerability in their IceWall Agent products.

HPE Advisory #4 - HPE published an advisory that discusses a protection mechanism failure vulnerability in their SimpliVity Servers.

HPE Advisory #5 - HPE published an advisory that discusses an inconsistent flow control management vulnerability in their SimpliVity Servers.

Palo Alto Networks Advisory - Palo Alto Networks published an advisory that discusses the CUPS vulnerabilities.

SEL Advisory - SEL published a new version notice for their SEL-5033 acSELerator RTAC software that describes a cybersecurity enhancement.

SICK Advisory - SICK published an advisory that describes a missing authentication for critical function vulnerability in their MSC800 track and trace controller.

WatchGuard Advisory #1 - WatchGuard published an advisory that describes an incorrect authorization vulnerability (with publicly available exploit) in their Authentication Gateway.

WatchGuard Advisory #2 - WatchGuard published an advisory that describes an incorrect authorization vulnerability (with publicly available exploit) in their Authentication Gateway.

WatchGuard Advisory #3 - WatchGuard published an advisory that describes an improper handling of exceptional or unusual conditions vulnerability (with publicly available exploit) in their Single Sign-On Client.

Western Digital Advisory - Western Digital published an advisory that describes an improper restriction of operations within the bounds of a memory buffer vulnerability in their My Cloud firmware.

Zyxel Advisory - Zyxel published an advisory that describes four improper restriction of operations within the bounds of a memory buffer vulnerabilities in multiple Zyxel products.

Updates

CODESYS Update - CODESYS published an update for their Control V3 web server advisory that was originally published on August 29th, 2024.

ELECOM Update - JP-CERT published an update for their ELECOM wireless LAN advisory that was originally published on August 27th, 2024.

HPE Update - HPE published an update for their ProLiant DL/ML/XL, Edgeline, MicroServer and Synergy Servers advisory that was originally published on September 16th, 2024, and most recently updated on September 19th, 2024.

Researcher Reports

ABB Report #1 - Zero Science published a report that describes a files or directories accessible to external parties vulnerability (with an associated exploit) in the ABB ASPECT building management software.

ABB Report #2 - Zero Science published a report that describes an improper input validation vulnerability (with an associated exploit) in the ABB ASPECT building management software.

ABB Report #3 - Zero Science published a report that describes a command injection vulnerability (with an associated exploit) in the ABB ASPECT Control Engines.

ABB Report #4 - Zero Science published a report that describes a use of default credentials vulnerability (with an associated exploit) in the ABB ASPECT system.

Blackberry Report - SEC Consult published a report that describes an authentication bypass by alternate path or channel vulnerability in the Blackberry CylanceOPTICS Windows Installer Package.

Linear Solutions Report - SSD published a report that describes a remote code execution vulnerability in the Linear eMerge E3 access control product.

Exploits

BlackNET Exploit - bRpsd published an exploit for a missing authentication for critical operation vulnerability in the BlackNET secure transport layer.

Positron Exploit - Indoushka published an exploit for a cross-site request forgery in the Positron Broadcast Signal Processor TRA7005.

TI Exploit - crypt0d1v3r published a proof-of-concept toolkit for a denial of service vulnerability in the TI Bluetooth stack.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-2c2 - subscription required.

 