Showing posts with label Sante. Show all posts

Sunday, February 15, 2026

Review – Public ICS Disclosures – Week of 2-7-26 – Part 2

 For Part 2 we have five additional vendor disclosures from Arista, HPE, Supermicro, WAGO, and Yokogawa. There are ten vendor updates from Broadcom (3), CODESYS (2), HP, HPE, and Schneider (3). We also have three researcher reports for products from Sante, Linksys, and Solax. Finally, we have three exploits for products from FortiGuard, Palo Alto Networks, and SolarWinds.

Advisories

Arista Advisory - Arista published an advisory that describes six vulnerabilities in their Next Generation Firewall.

HPE Advisory - HPE published an advisory that discusses an improper handling of values vulnerability in their ProLiant DL/ML/XD, Synergy, Edgeline, and MicroServer products.

Supermicro Advisory - Supermicro published an advisory that discusses 11 vulnerabilities in multiple Supermicro products.

WAGO Advisory - CERT-VDE published an advisory that describes four vulnerabilities in the WAGO Industrial-Managed-Switch 0852-XXXX products.

Yokogawa Advisory - Yokogawa published an advisory that describes six vulnerabilities in their Vnet/IP Interface Package.

Updates

Broadcom Update #1 - Broadcom published an update for their Brocade Fabric OS advisory that was originally published on August 1st, 2023.

Broadcom Update #2 - Broadcom published an update for their Brocade Fabric OS advisory that was originally published on May 17th, 2017.

Broadcom Update #3 - Broadcom published an update for their rsynd advisory that was originally published on September 13, 2022.

CODESYS Update #1 - CODESYS published an update for their CODESYS Control advisory that was originally published on December 1st, 2025.

CODESYS Update #2 - CODESYS published an update for their CODESYS Control advisory that was originally published on December 1st, 2025.

HP Update - HP published an update for their LaserJet advisory that was originally published on November 13th, 2025, and most recently updated on December 10th, 2025.

HPE Update - HPE published an update for their Aruba Networking EdgeConnect advisory that was originally published on January 14th, 2026.

Schneider Update #1 - Schneider published an update for their EcoStruxure Power Operation advisory that was originally published on July 8th, 2025.

Schneider Update #2 - Schneider published an update for their EcoStruxure Foxboro DCS advisory that was originally published on December 9th, 2025.

Schneider Update #3 - Schneider published an update for their Uni-Telway Driver advisory that was originally published on February 11th, 2025, and most recently updated on January 13th, 2026.

Researcher Reports

Linksys Report - SySS Tech published a report that describes six vulnerabilities (with proof-of-concept code) in the Linksys MR9600 and MX4200 routers.

Sante Report - The Zero Day Initiative published a report that describes a buffer overflow vulnerability in the Sante DICOM Viewer Pro.

Solax Report - SEC Consult published a report that describes three vulnerabilities (with proof-of-concept code) in the Solax Power Pocket WiFi models.

Exploits

FortiGuard Exploit - Peter Gabaldon published an exploit for an exposure of sensitive information to an unauthorized actor vulnerability in the FortiGuard FortiGate product.

Palo Alto Networks Exploit - Indoushka published an exploit for four vulnerabilities in the Palo Alto Networks PAN-OS products.

 

For more information about these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-c98 - subscription required.

Sunday, May 19, 2024

Review – Public ICS Disclosures – Week of 5-11-24 – Part 2

For Part 2, we have eight additional vendor disclosures from Philips, Phoenix Contact, SEL, Siemens (2), and Wireshark (3). There are also 25 updates for products from B&R, HPE, and Siemens (23). Finally, we have a researcher report for vulnerabilities in products from Sante.

Advisories

Philips Advisory - Philips published an advisory that discusses two vulnerabilities from F5 BIG-IP (CVE-2024-21793 and CVE-2024-26026).

Phoenix Contact Advisory - Phoenix Contact published an advisory that describes five vulnerabilities in their CHARX SEC charge controllers.

SEL Advisory - SEL published an advisory that announces a new version of their SEL-5037 SEL Grid Configurator that includes an improved cipher strength for installer certificate generation.

Siemens Advisory #1 - Siemens published an advisory that describes an out-of-bounds write vulnerability in their Parasolid product.

Siemens Advisory #2 - Siemens published an advisory that describes an out-of-bounds write vulnerability in their Tecnomatix Plant Simulation product.

Wireshark Advisory #1 - Wireshark published an advisory that describes an infinite loop vulnerability in their MONGO and ZigBee TLV dissector.

Wireshark Advisory #2 - Wireshark published an advisory that describes a mismatched memory management routines vulnerability in their Editcap product.

Wireshark Advisory #3 - Wireshark published an advisory that describes a use after free vulnerability in their Editcap product.

B&R Update - B&R published an update for their Automation Studio advisory that was originally published on October 29th, 2021.

HPE Update - HPE published an update for their ProLiant DL/DX/ML/SY/RL/XL/Edgeline Servers advisory that was originally published on April 2nd, 2024, and most recently updated on April 18th, 2024.

Siemens Update #1 - Siemens published an update for their User Management Component advisory that was originally published on December 12th, 2023 and most recently updated on February 13th, 2024.

Siemens Update #2 - Siemens published an update for their SIMATIC STEP advisory that was originally published on June 13th, 2023 and most recently updated on March 12th, 2024.

Siemens Update #3 - Siemens published an update for their APOGEE, TALON and Desigo PXC/PXM advisory that was originally published on October 11th, 2022.

Siemens Update #4 - Siemens published an update for their Polarion ALM advisory that was originally published on February 13th, 2024 and March 12th, 2024.

Siemens Update #5 - Siemens published an update for their FortiGate NGFW advisory that was originally published on March 12th, 2024, and most recently updated on April 9th, 2024.

Siemens Update #6 - Siemens published an update for their OpenSSL (CVE-2022-0778) advisory that was originally published on June 14th, 2022 and most recently updated on April 9th, 2024.

Siemens Update #7 - Siemens published an update for their OPC UA Implementations advisory that was originally published on September 12th, 2023 and most recently updated on April 9th, 2024.

Siemens Update #8 - Siemens published an update for their OPC Foundation Local Discovery Server advisory that was originally published on April 11th, 2023 and most recently updated on April 9th, 2024.

Siemens Update #9 - Siemens published an update for their Nozomi Guardian/CMC advisory that was originally published on February 13th, 2024.

Siemens Update #10 - Siemens published an update for their Nozomi Guardian/CMC advisory that was originally published on October 10th, 2023 and most recently updated on November 14th, 2023.

Siemens Update #11 - Siemens published an update for their Interniche IP-Stack advisory that was originally published on April 14th, 2020 and most recently updated on February 14th, 2023.

Siemens Update #12 - Siemens published an update for their S7-1500 CPUs advisory that was originally published on December 12th, 2023 and most recently updated on March 12th, 2024.

Siemens Update #13 - Siemens published an update for their SIPROTEC 5 Devices advisory that was originally published on December 13th, 2022 and most recently updated on March 12th, 2024.

Siemens Update #14 - Siemens published an update for their Palo Alto Networks Virtual NGFW advisory that was originally published on April 9th, 2024.

Siemens Update #15 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on December 12, 2023 and most recently updated on April 9th, 2024.

Siemens Update #16 - Siemens published an update for their SIPROTEC 5 Devices advisory that was originally published on April 11th, 2023 and most recently updated on March 12th, 2024.

Siemens Update #17 - Siemens published an update for their Solid Edge advisory that was originally published on March 12th, 2024.

Siemens Update #18 - Siemens published an update for their Nozomi Guardian/CMC advisory that was originally published on November 14th, 2023.

Siemens Update #19 - Siemens published an update for their GNU/Linux subsystem advisory that was originally published on April 9th, 2024.

Siemens Update #20 - Siemens published an update for their Network Communication Stack advisory that was originally published on March 12th, 2024.

Siemens Update #21 - Siemens published an update for their XPath Constraint advisory that was originally published on March 8th, 2022 and most recently updated on April 10th, 2022.

Siemens Update #22 - Siemens published an update for their PROFINET Stack advisory that was originally published on April 12th, 2022 and most recently updated on July 11th, 2023.

Siemens Update #23 - Siemens published an update for their WIBU Systems CodeMeter advisory that was originally published on September 12th, 2023 and most recently updated on December 12th, 2023.

Researcher Reports

Sante Report - The Zero Day Initiative published a report describing an SQL injection vulnerability in the Sante PACS Server PG.

 

For more information on these vulnerabilities, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-226 - subscription required.

Saturday, February 24, 2024

Review – Public ICS Disclosures – Week of 2-17-24

This week we have 13 vendor disclosures from ADS-TEC Industrial IT, B&R, Elecom (2), Hitachi, HP, HPE, Palo Alto Networks, Sierra Wireless, VMware (2), WAGO, and Zyxel. There are two vendor updates from Cisco and Elecom. There are also 14 researcher reports for products from Imaging Data Commons, Inductive Automation, Sante, SourceForge (8), and Weston (3). Finally, we have three exploits for products from Mayurik (2) and QNAP.

Advisories

ADS-TEC Advisory - CERT-VDE published an advisory that discusses an exposure of resource to wrong sphere vulnerability in multiple ADS-TEC DVG-IRF industrial routers.

B&R Advisory - B&R published an advisory that describes an insufficient communication encryption vulnerability in their Automation Studio and Technology Guarding products.

Elecom Advisory #1 - JP CERT published an advisory that describes two vulnerabilities in the Elecom wireless LAN routers.

Elecom Advisory #2 - JP CERT published an advisory that describes an OS command injection vulnerability in the Elecom wireless LAN routers.

Hitachi Advisory - Hitachi published an advisory that describes an EL injection vulnerability in their Global Link Manager.

HP Advisory - HP published an advisory that discusses a service location protocol vulnerability (listed in CISA’s Known Exploited Vulnerability (KEV) Catalog) in their Tera2 Zero Client and Remote Workstation Card.

HPE Advisory - HPE published an advisory that discusses a generation of error message containing sensitive information vulnerability in their IceWall products.

Palo Alto Networks Advisory - Palo Alto Networks published an advisory that discusses the Leaky-Vessels vulnerabilities.

Sierra Wireless Advisory - Sierra Wireless published an advisory that discusses three vulnerabilities in their EM919x and EM929x cellular modules.

VMware Advisory #1 - VMware published an advisory that describes a privilege escalation vulnerability in their Aria Operations product.

VMware Advisory #2 - VMware published an advisory that describes two vulnerabilities in their deprecated VMware Enhanced Authentication Plug-in.

WAGO Advisory - CERT-VDE published an advisory that discusses the Terrapin-Attack vulnerability.

Zyxel Advisory - Zyxel published an advisory that describes four vulnerabilities in their firewall and AP products.

Updates

Cisco Update - Cisco published an update for their cURL and libcurl vulnerability advisory that was originally published on October 11th, 2023 and most recently updated on November 8th, 2023.

Elecom Update - JP-CERT published an update for their ELECOM and LOGITEC network devices advisory that was originally published on October 5th, 2020 and most recently updated on January 23rd, 2024.

Researcher Reports

Imaging Data Commons Report - Cisco Talos published a report describing two use-after-free vulnerabilities in the Imaging Data Commons libdicom.

Inductive Automation Report - The Zero Day Initiative published two reports for individual vulnerabilities in the Inductive Automation Ignition product.

Sante Report - ZDI published a report describing an improper input validation vulnerability in the Sante PACS Server.

SourceForge Reports - Cisco Talos published eight reports describing individual vulnerabilities in the SourceForge Biosig Project.

Weston Reports - Cisco Talos published three reports describing four vulnerabilities in the Weston Embedded product.

Exploits

Mayurik Exploit #1 - Nu11secur1ty published an exploit for an SQL injection vulnerability in the Mayurik Best Petrol Pump Management Software.

Mayurik Exploit #2 - SoSPiro published an exploit for a remote shell upload vulnerability in the Mayurik Best Petrol Pump Management Software.

QNAP Exploit - Spencer McIntyre published a Metasploit module for an OS command injection vulnerability in the QNAP QTS and QuTS hero products.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-1cf - subscription required.

Saturday, July 15, 2023

Review – Public ICS Disclosures – Week of 7-8-23 – Part 1

This week we have 16 vendor disclosures from Aruba Networks, Eaton, Festo, FortiGuard (2), Insyde (3), Moxa (2), Palo Alto Networks, Setelsa, Sick, VMware, and Wireshark (2). We have one vendor update from Moxa. We also have six researcher reports for vulnerabilities in products from VMware (5) and Sante. Finally, we have an exploit for products from Tanzu.

Advisories

Aruba Advisory - Aruba published an advisory that describes nine vulnerabilities in their ArubaOS product.

Eaton Advisory - Eaton published an advisory that reports an undescribed vulnerability in their SMP Gateway automation platform.

Festo Advisory - CERT VDE published an advisory that discusses 200 vulnerabilities in the Festo FactoryViews products.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes a stack-based buffer overflow in their FortiOS and FortiProxy products.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes an insufficient session expiration vulnerability in their FortiOS REST API.

HPE Advisory - HPE published an advisory that describes a privilege escalation vulnerability in their Intelligent Provisioning (IP) for Gen9 product.

Insyde Advisory #1 - Insyde published an advisory that describes an SMI handler vulnerability in their FvbServicesRuntimeDxe.

Insyde Advisory #2 - Insyde published an advisory that reports an update of their Secure Boot dbx.

Insyde Advisory #3 - Insyde published an advisory that discusses a security bypass vulnerability (may be related to the above discussion).

Moxa Advisory #1 - Moxa published an advisory that discusses an uncontrolled recursion vulnerability in some of their switches.

Moxa Advisory #2 - Moxa published an advisory that discusses the PwnKit vulnerability.

Palo Alto Networks Advisory - Palo Alto Networks published an advisory that describes an externally controlled reference to a resource in another sphere vulnerability in their PAN-OS products.

Setelsa Advisory - Incibe CERT published an advisory that describes a relative path traversal vulnerability in the Setelsa ConacWin product.

Sick Advisory - Sick published an advisory that describes eight vulnerabilities in their ICR890-4 track and trace system.

VMware Advisory - VMware published an advisory that describes an authentication bypass vulnerability in their SD-WAN product.

Wireshark Advisory #1 - Wireshark published an advisory that describes a dissector crash vulnerability in their Kafka dissector.

Wireshark Advisory #2 - Wireshark published an advisory that describes a dissector crash vulnerability in their iSCSI dissector.

Updates

Moxa Update - Moxa published an update for their Arm-based computer advisory that was originally published on November 22nd, 2022 and most recently updated on May 29th, 2023.

Researcher Reports

VMware Reports - Talos Intelligence published five reports for individual vulnerabilities in the VMware vCenter product.

Sante Report - The Zero Day Initiative published a report that describes a use after free vulnerability in the Sante DICOM view.

Exploits

Tanzu Exploit - GatoGamer1155 published an exploit for a code injection vulnerability in the Tanzu Spring Cloud product.

 

For more details about these disclosures, including links to researcher reports and third-party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7-1e8 - subscription required.

Saturday, May 6, 2023

Review – Public ICS Disclosures – Week of 4-29-23

This week we have 23 vendor disclosures from Broadcom (6), FortiGuard Labs (9), HMS, Honeywell, HP, Insyde (2), OPC Foundation (2), and Philips. We have five researcher reports for vulnerabilities in products from Sante. Finally, we have an exploit report for products from FortiGuard.

Advisories

Broadcom Advisory #1 - Broadcom published an advisory that discusses a cleartext transmission of sensitive information vulnerabilities in multiple Brocade products.

Broadcom Advisory #2 - Broadcom published an advisory that discusses an HTTP request/response smuggling vulnerability in multiple Brocade products.

Broadcom Advisory #3 - Broadcom published an advisory that discusses an allocation of resources without limit or throttling vulnerability in multiple Brocade products.

Broadcom Advisory #4 - Broadcom published an advisory that discusses a data processing error vulnerability in multiple Brocade products.

Broadcom Advisory #5 - Broadcom published an advisory that discusses a deserialization of untrusted data vulnerability in multiple Brocade products.

Broadcom Advisory #6 - Broadcom published an advisory that discusses a deserialization of untrusted data vulnerability in multiple Brocade products.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes an out-of-bounds write vulnerability in their FortiOS and FortiProxy products.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes an open redirect vulnerability in their FortiNAC product.

FortiGuard Advisory #3 - FortiGuard published an advisory that describes a use of hard-coded credentials vulnerability in their FortiNAC product.

FortiGuard Advisory #4 - FortiGuard published an advisory that describes an insufficiently protected credentials vulnerability in their FortiNAC.

FortiGuard Advisory #5 - FortiGuard published an advisory that describes a weak authentication vulnerability in their FortiNAC product.

FortiGuard Advisory #6 - FortiGuard published an advisory that describes a cross-site scripting vulnerability in their FortiNAC product.

FortiGuard Advisory #7 - FortiGuard published an advisory that describes a weak cryptographic algorithm vulnerability in their FortiNAC product.

FortiGuard Advisory #8 - FortiGuard published an advisory that describes a path traversal vulnerability in their FortiADC product.

FortiGuard Advisory #9 - FortiGuard published an advisory that describes an OS command injection vulnerability in their FortiADC product.

HMS Advisory - HMS published an advisory that discusses an authentication bypass by capture replay vulnerability in their Anybus Wireless Bridge II/Bolt.

Honeywell Advisory - Honeywell published an end-of-life notice for multiple products.

HP Advisory - HP published an advisory that discusses eleven vulnerabilities in multiple HP products.

Insyde Advisory #1 - Insyde published an advisory that describes an out-of-bounds read vulnerability in their InsydeCrPkg.

Insyde Advisory #2 - Insyde published an advisory that describes an inadequate input validation vulnerability in multiple Intel mobile platforms.

OPC Foundation Advisory #1 - The OPC Foundation published an advisory that describes an improperly controlled sequential memory allocation vulnerability in their OPC UA .NET Standard Reference Server.

OPC Foundation Advisory #2 - The OPC Foundation published an advisory that describes a generation of error message that contains sensitive information vulnerability in their OPC UA .NET Standard Reference Server.

Philips Advisory - Philips published an advisory that discusses the Windows WinVerifyTrust Signature Validation Vulnerability.

Researcher Reports

Sante Reports - The Zero Day Initiative published reports for five vulnerabilities in the Sante DICOM Viewer Pro.

Exploits

FortiGuard Exploit - Code16 published an exploit for an unspecified vulnerability in FortiGate-VM64.

 

For more details about these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-837 - subscription required.

Saturday, July 9, 2022

Review – Public ICS Disclosures – Week of 7-2-22

 The 4th of July week is still apparently vacation time for lots of folks which may be why we have a relatively slow week for ICS disclosures. This week we have five vendor disclosures from HPE, Insyde, QNAP, Sante, and Watchguard. We have four vendor updates from Aruba, Festo, and HPE (2).

HPE Advisory - HPE published an advisory that discusses seventeen vulnerabilities (one with known exploit) in their Apache Web Server.

Insyde Advisory - Insyde published an advisory that discusses 22 vulnerabilities (20 with known exploits) in their InsydeH2O BIOS.

QNAP Advisory - QNAP published an advisory that discusses ransomware attacks on NAS products with SMB services exposed to the internet.

Sante Advisory - Incibe-CERT published an advisory that describes an SQL injection vulnerability in the Sante PACS Server, a software used for processing images in DICOM format.

Watchguard Advisory - Watchguard published an advisory that discusses an improper authentication vulnerability in their Fireware OS.

Aruba Update - Aruba published an update for their Expat XML advisory that was originally published on May 17th, 2022 and most recently updated on June 1st, 2022.

Festo Update - CERT-VDE published an update for their Festo Advisory that was originally published on June 8th, 2022.

HPE Update #1 - HPE published an update for their Superdome Flex advisory that was originally published on June 7th, 2022 and most recently updated on June 21st, 2022.

HPE Update #2 - HPE published an update for their Superdome Flex advisory that was originally published on June 14th, 2022 and most recently updated on June 21st, 2022.

 

For more details about these disclosures, including links to 3rd party advisories and exploit, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-7 - subscription required.

Saturday, February 5, 2022

Review - Public ICS Disclosures – Week of 1-29-22 – Part 1

 This has been a very busy week for control system vulnerabilities and it is going to require a two-part post to address all of the information. This week we have 14 vendor disclosures from ABB (3), Aruba (3), Sante, Sealevel, WAGO, Emerson, FANUC, Honeywell (2), Philips, and Rockwell.

ABB Advisory #1 - ABB published an advisory describing three vulnerabilities in their SPIET800 INFI-Net to Ethernet Transfer and PNI800 S+ Ethernet communication interface modules.

ABB Advisory #2 - ABB published an advisory describing an improper input validation vulnerability in their System 800xA, Symphony® Plus IEC 61850 communication stack.

ABB Advisory #3 - ABB published an advisory describing a remote code execution vulnerability in their OPC Server for AC 800M products.

Aruba Advisory #1 - Aruba published an advisory discussing 15 vulnerabilities in their ArubaOS-CX 8000 Series Switches.

Aruba Advisory #2 - Aruba published an advisory discussing 15 vulnerabilities in their 9000 Series Gateways.

Aruba Advisory #3 - Aruba published an advisory discussing the PwnKit vulnerability in multiple product lines.

Sante Advisory - INCIBE-CERT published an advisory describing seven vulnerabilities in the Sante DICOM Viewer Pro.

Sealevel Advisory - INCIBE-CERT published an advisory describing twelve vulnerabilities in the Sealevel SeaConnect 370W Wi-Fi edge device.

WAGO Advisory - CERT-VDE published an advisory discussing a link following vulnerability in the WAGO e!COCKPIT and WAGO-I/O-Pro.

Emerson Advisory - Emerson published an advisory describing a credential disclosure vulnerability in multiple products. The vulnerability was reported by Dragos.

FANUC Advisory - FANUC published a notice reporting that none of their products are affected by the Log4Shell vulnerability.

Honeywell Advisory #1 - Honeywell published an advisory describing a command injection vulnerability in their IP PTZ Camera HDZP252DI.

Honeywell Advisory #2 - Honeywell published an advisory describing a video replay vulnerability in their IP Camera HBW2PER1.

Philips Advisory - Philips published an advisory discussing the PwnKit vulnerability.

Rockwell Advisory - Rockwell published a notice discussing a problem with the latest Microsoft® DCOM Hardening patch.

 

For more details about these advisories, including links to researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-cfc - subscription required. 
 