Public ICS Disclosures – Week of 11-8-25 – Part 2

For Part 2 we have seven additional vendor disclosures from Rockwell, Schneider (2), Splunk (3), and Supermicro. We have a bulk update from Siemens (18). There are five additional vendor updates from Dell and Schneider (4). Finally, we have two researcher reports about vulnerabilities in products from Ilevia and QNAP.

Rockwell Advisory

Rockwell published an advisory that describes a stack-based buffer overflow vulnerability in their Arena Simulation product. The vulnerability was reported by Michael Heinzl. Rockwell has a new version that mitigates the vulnerability.

Schneider Advisories

Schneider published an advisory that describes three vulnerabilities in their PowerChute Serial Shutdown product. The vulnerabilities were reported by Aleksandar Djurdjevic. Schneider has a new version that mitigates the vulnerability.

Schneider published an advisory that discusses a use of broken or risky cryptographic algorithm vulnerability in their EcoStruxure Machine SCADA Expert and Pro-face BLUE Open Studio products. This is third-party (AVEVA) vulnerability. Schneider has a new version that mitigates the vulnerability.

Splunk Advisories

Splunk published an advisory that discusses a stack-based buffer overflow vulnerability in their Enterprise product. This is a third-party (Jackson-core) vulnerability. Splunk has new versions that mitigate the vulnerability.

Splunk published an advisory that describes an exposure of sensitive information to an unauthorized actor vulnerability in their Enterprise product. The vulnerability was reported by Anton (therceman). Splunk has new versions that mitigate the vulnerability.

Splunk published an advisory that describes an open redirect vulnerability in their Enterprise product. The vulnerability was reported by Diogo Real (c0rte). Splunk has new versions that mitigate the vulnerability.

Supermicro Advisory

Supermicro published an advisory that discusses a stale translation lookaside buffer (TLB) entry vulnerability in multiple Supermicro products. This is a third-party (AMD) vulnerability. Supermicro has new BIOS versions that mitigates the vulnerability.

Bulk Updates – Siemens

• Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices,

• Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices,

• RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products,

• Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices,

• Weak Encryption Vulnerability in SIPROTEC 5 Devices,

• Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module,

• Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products,

• Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices,

• Accessible Development Shell via Physical Interface in SIPROTEC 5,

• Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6,

• Denial of Service Vulnerability in SIPROTEC 5 Devices #1,

• Denial of Service Vulnerability in SIPROTEC 5 Devices #2,

• Client-Side Enforcement of Server-Side Security Vulnerabilities in RUGGEDCOM ROX II,

• DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery,

• Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3,

• Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs, and

• Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5.

Dell Update

Dell published an update for their ThinOS 10 advisory that was originally published on October 21^st, 2025. Dell provides no management of change information.

Schneider Updates

Schneider published an update for their CODESYS Runtime advisory that was originally published on July 11^th, 2023, and most recently updated on August 12^th, 2025. The new information includes adding fix for Easy Modicon M310.

Schneider published an update for their Saitel DR advisory that was originally published on August 12^th, 2025. The new information includes adding fix for Saitel DP RTU.

Schneider published an update for their EcoStruxure Power Monitoring Expert advisory that was originally published on August 12^th, 2025, and most recently updated on October 14^th, 2025. The new information includes:

• Updating Affected Products and Version section to include PME 2023 R2,

• Updating the impacting CVEs for PME 2022, 2023, and 2023 R2, and

• Updating remediation for PME 2023, and 2023 R2.

Schneider published an update for their FlexNet Publisher advisory that was originally published on January 14^th, 2025, and most recently updated on October 14^th, 2025. The new information includes adding CVE, CWE, & CVSS Score information.

Ilevia Report

Zero Science published a report describing an OS command injection vulnerability in the Ilevia EVE X1 Server. The report includes a link to an exploit for the vulnerability. The vendor was notified about the vulnerability, but has not replied to the researcher, this may be a 0-day vulnerability.

QNAP Report

VulnCheck reports that they have added an exposure of sensitive information to an unauthorized actor vulnerability in the QNAP Photo Station product to the VulnCheck KEV list. QNAP previously disclosed the vulnerability. Amigo published an article describing how to determine if the CPUMiner bot has infected the QNAP Photo Station. Both the disclosure and the article date back to 2017.