This week we have nine vendor disclosures from Aruba Networks, Carrier, Contec, Hitachi Energy, HPE (2), InHand Networks, Moxa, and Phoenix Contact. There are five vendor updates from HPE (4) and Moxa. Finally, we have three exploits for products from Eaton, Riello, and Fortinet.
In Part 2 this week I will look at disclosures from Schneider and Siemens.
Aruba Advisory – Aruba published an advisory that describes eight vulnerabilities in their ClearPass Policy Manager program.
Carrier Advisory – Carrier published an advisory that discusses a server side request forgery vulnerability in their g LenelS2 supported platform.
Contec Advisory – Contec published an advisory that describes three vulnerabilities in their CONPROSYS M2M Gateway Series, M2M Controller Series products.
Hitachi Energy Advisory – Hitachi published an advisory that discusses a permissions, privileges, and access control vulnerability in their MicroSCADA Pro/X SYS600 Products.
HPE Advisory #1 – HPE published an advisory that discusses eight vulnerabilities in their NonStop servers.
HPE Advisory #2 – HPE published an advisory that describes a cross-site scripting vulnerability in their Integrated Lights-Out products.
InHand Advisory – InHand published an advisory that describes five vulnerabilities in their InRouter615-S industrial routers.
Moxa Advisory – Moxa published an advisory that describes two improper certificate validation vulnerabilities in their NPort 6000 Series and Windows Driver Manager products.
Phoenix Contact Advisory – Phoenix Contact published an advisory that discusses five vulnerabilities in their ENERGY AXC PU product.
HPE Update #1 – HPE published an update for their FlexNetwork and FlexFabric Switches