For Part 2 we have 15 additional vendor disclosures from Palo Alto Networks (6), Phoenix Contact, Schneider Electric (4), Siemens (2), Supermicro, and Western Digital. There are bulk updates from Siemens (23). We have an additional 13 vendor updates from FortiGuard, HP (5), HPE (2), and Schneider (5). There are five researcher reports for vulnerabilities in products from Schneider. Finally, we have two exploits for products from Snort and VMware.
Palo Alto Networks Advisories
PAN published an advisory that discusses six vulnerabilities in their Prisma Access Browser. These are third-party (Chromium) vulnerabilities. PAN has a new version that mitigates the vulnerabilities.
The six reported vulnerabilities are:
Improper input validation - CVE-2025-6558 (listed in CISA’s Known Exploited Vulnerabilities catalog),
External control of assumed immutable web parameter - CVE-2025-7656,
Use after free (2) - CVE-2025-7657 and CVE-2025-8292, and
Type confusion (2) - CVE-2025-8010 and CVE-2025-8011
PAN published an advisory that describes a deserialization of untrusted data vulnerability in their Checkov by Prisma Cloud product. The vulnerability was reported by Bryan Eastes. PAN has a new version that mitigates the vulnerability.
PAN published an advisory that describes a cleartext storage of sensitive information vulnerability in their Checkov by Prisma Cloud product. The vulnerability was reported by Shashank Chaurasia. PAN has a new version that mitigates the vulnerability.
PAN published an advisory that describes a cleartext storage of sensitive information vulnerability in multiple PAN products. PAN has new versions that mitigate the vulnerability.
PAN published an advisory that describes an improper certificate validation vulnerability in their GlobalProtect App. The vulnerability was reported internally and by Maxime Escorbiac of Michelin CERT. PAN has new versions that mitigate the vulnerability.
PAN published an advisory that describes a use of default credentials vulnerability in their Cortex XDR Broker VM. PAN has a new version that mitigates the vulnerability.
Phoenix Contact Advisory
Phoenix Contact published an advisory that describes a missing authentication for critical function vulnerability in their Device and Update Management service. Phoenix Contact has a new version that mitigates the vulnerability.
Schneider Advisories
Schneider published an advisory that describes an improper privilege management vulnerability in their Saitel DR & Saitel DP RTU products. The vulnerability was reported by Robin Senn and Sebastian Krause of GAI NetConsult GmbH. Schneider provides generic mitigation measures pending development of a fix.
Schneider published an advisory that describes a link following vulnerability in their Software Update (SESU) product. The vulnerability was reported by Sheikh Rishad. Schneider has a new version that mitigates the vulnerability.
Schneider published an advisory that describes two vulnerabilities in their EcoStruxure Building Operation products. The vulnerabilities were reported by Pentest Limited. Schneider has new versions that mitigate the vulnerabilities.
Schneider published an advisory that describes an improper input validation vulnerability in multiple Schneider products. The vulnerability was reported by CyManII. Schneider provides generic mitigation measures pending development of a fix.
Siemens Advisories
Siemens published an advisory that describes an improper verification of cryptographic signature vulnerability in their Mendix SAML products. Siemens has new versions that mitigate the vulnerability.
Siemens published an advisory that describes a least privilege violation vulnerability in multiple Siemens products. This is a third-party (Wibu) vulnerability. Siemens has a patch that mitigates the vulnerability.
Supermicro Advisory
Supermicro published an advisory that discusses two vulnerabilities in multiple Supermicro products. These are third-party (Intel) vulnerabilities. Supermicro has new BIOS versions that mitigate the vulnerabilities.
The two reported vulnerabilities are:
Improper locking - CVE-2025-20044, and
Improper isolation or compartmentalization - CVE-2025-20109
Western Digital Advisory
Western Digital published an advisory that describes a Windows registration vulnerability in their Kitfox Software for Windows. The vulnerability was reported by Kazuma Matsumoto of GMO Cybersecurity. Western Digital has a new version that mitigates the vulnerability.
Bulk Updates
Siemens published 23 updates:
Race Condition Vulnerability in Basic Authentication Implementation of Mendix Runtime,
Mirror Port Isolation Vulnerability in RUGGEDCOM ROS Devices,
Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices,
Vulnerability in RUGGEDCOM Discovery Protocol (RCDP) of Industrial Communication Devices,
Deserialization Vulnerability in Siemens Engineering Platforms before V20,
Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices,
Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices,
Accessible Development Shell via Physical Interface in SIPROTEC 5,
Denial of Service Vulnerability in TIA Project-Server and TIA Portal,
Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A,
Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20,
Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family,
Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1,
FortiGuard Update
FortiGuard published an update for their OpenSSH advisory that was originally published on March 11th, 2025, and most recently updated on May 13th, 2025. The new information includes updating affected products and solutions.
HP Updates
HP published an update for their AMD Transient Scheduler advisory that was originally published on July 10th, 2025. The new information includes updating version and SoftPaq information for Business Desktops.
HP published an update for their NVIDIA GPU Display Driver advisory that was originally published on March 31st, 2025. The new information includes updating version and SoftPaq information for Business Notebooks, Business Desktops, and Point-of-Sale Systems.
HP published an update for their AMD SMM Vulnerabilities advisory that was originally published on May 7th, 2025. The new information includes updating version and SoftPaq information for Thin Clients and adding lists for Consumer Notebooks and Consumer Desktops.
HP published an update for their AMD Client Processors advisory that was originally published on February 11th, 2025. The new information includes adding lists for Business Notebooks, Business Desktops, and Thin Clients.
HP published an update for their Intel Graphics Software advisory that was originally published on February 11th, 2025. The new information includes updating version and SoftPaq information for Business Notebooks, Business Desktops, Point-of-Sale Systems, and Thin Clients.
HPE Updates
HPE published an update for their Private Cloud AI advisory that was originally published on August 8th, 2025. The new information includes adding CVE-2025-23266 (exploit available), an untrusted search path vulnerability.
HPE published an update for their SANnav Management Portal advisory that was originally published on July 8th, 2025. The new information includes updating SN3600B with Lifetime Warranty (LW) to use Fabric OS 9.2.1c.
Schneider Updates
Schneider published an update for their BadAlloc advisory that was originally published on November 9th, 2021, and most recently updated on April 8th, 2025. The new information includes announcing fix for 140CRA31200 (Quantum RIO Drop), 140CRA31908 (M580 Quantum S908 RIO Drop Adapter), and BMENOP0300.
Schneider published an update for their CODESYS Runtime advisory that was originally published on July 11th, 2023, and most recently updated on June 11th, 2024. The new information includes announcing fix for Harmony iPC series and Harmony P6 series with Vijeo Designer.
Schneider published an update for their Web Server on Modicon M340 advisory that was originally published on January 14th, 2025. The new information includes announcing fix for BMXNOE0100 (Modbus/TCP Ethernet Modicon M340 module) and BMXNOE0110 (Modbus/TCP Ethernet Modicon M340 FactoryCast module).
Schneider published an update for their Wind River VxWorks DHCP server advisory that was originally published on January 14th, 2025, and most recently updated on April 8th, 2025. The new information includes announcing fix for 140CRA31200 (Quantum RIO Drop) and 140CRA31908 (M580 Quantum S908 RIO Drop Adapter).
Schneider published an update for their Modicon M340 advisory that was originally published on June 11th, 2024. The new information includes announcing fix for BMXNOE0100 (Modbus/TCP Ethernet Modicon M340 module) and BMXNOE0110 (Modbus/TCP Ethernet Modicon M340 FactoryCast module).
Schneider Reports
ZDI published five reports of individual vulnerabilities in the Schneider EcoStruxure Power Monitoring Expert. These are coordinated disclosures. Schneider plans to publish a fix in November.
The five reported vulnerabilities are:
Improper validation of URL (2) - CVE-2025-54924 and CVE-2025-54925,
Improper validation of user supplied data - CVE-2025-54923, and
Improper validation of user supplied path (2) - CVE-2025-54926 and CVE-2025-54927.
Snort Exploit
Rapid7 published a Metasploit module for an OS command injection vulnerability in the Snort Report product. This vulnerability was previously (2011) disclosed by Snort.
VMware Exploit
Imraan Khan published an exploit for a cross-site scripting vulnerability in the VMware vSphere Client. This vulnerability was previously disclosed by VMware.