Public ICS Disclosures – Week of 8-2-25
We have a relatively light disclosure week. This week we have nine vendor disclosures from CODESYS (3), Dell, Draeger, Eaton, Hitachi, HPE, and Splunk. There are also seven vendor updates from HP (3), HPE, Mitsubishi, and Moxa (2). Finally, we have an exploit for products from Tigo.
CODESYS Advisories
CODESYS published an advisory that describes an incorrect default permissions vulnerability in their Control runtime systems. The vulnerability was reported by Luca Borzacchiello of Nozomi Networks. CODESYS has a new version that mitigates the vulnerability.
CODESYS published an advisory that describes a NULL pointer dereference vulnerability in their Control runtime system's CmpDevice component. CODESYS has a new version that mitigates the vulnerability in some of the affected products; the remaining fixes are due later this month.
CODESYS published an advisory that describes an incorrect permission assignment for critical resource vulnerability in their Control runtime system's CmpOpenSSL component. The vulnerability was reported by Luca Borzacchiello of Nozomi Networks. CODESYS has a new version that mitigates the vulnerability in some of the affected products; the remaining fixes are due later this month.
Dell Advisory
Dell published an advisory that discusses three vulnerabilities in their ThinOS products. These are third-party (ControlUP VDI Agent) vulnerabilities. Dell has new versions that mitigate the vulnerabilities.
The three reported vulnerabilities are:
Observable discrepancy - CVE-2024-23170,
Integer overflow or wraparound - CVE-2024-23775, and
Session fixation - CVE-2023-52353 (exploit)
Draeger Advisory
Draeger published an advisory that describes a missing authorization vulnerability in their ICMHelper product. The vulnerability was reported by CODE WHITE. Draeger has a new version that mitigates the vulnerability.
Eaton Advisory
Eaton published an advisory that describes two vulnerabilities in their Rack PDU G4 product. The vulnerabilities were reported by Harry Sintonen. Eaton has a new firmware version that mitigates the vulnerabilities.
The two reported vulnerabilities are:
Improper certificate validation - CVE-2025-48393, and
Path traversal - CVE-2025-48394
Hitachi Advisory
Hitachi published an advisory that discusses three vulnerabilities in their Cosminexus Developer's Kit. These are third-party (Oracle) vulnerabilities. Hitachi does not provide any mitigation information.
The three reported vulnerabilities are:
Improper access control - CVE-2025-30754,
Deserialization of untrusted data - CVE-2025-30761, and
Improper access control - CVE-2025-50059
HPE Advisory
HPE published an advisory that describes ten vulnerabilities in their Private Cloud AI. HPE has a new version that mitigates the vulnerabilities.
Splunk Advisories
Splunk published an advisory that discusses five vulnerabilities in their AppDynamics Cluster Agent. These are third-party vulnerabilities. Splunk has a new version that mitigates the vulnerabilities.
The five reported vulnerabilities are:
Policy validation error - CVE-2025-22874,
Disclosure of sensitive information - CVE-2025-4673,
Link following - CVE-2025-0913,
Untrusted search path - CVE-2025-4802 (exploit), and
Expected behavior violation - CVE-2024-7246 (contains POC code)
Splunk published an advisory that discusses 148 vulnerabilities in their On-Premise Enterprise Console. These are third-party vulnerabilities. Splunk has a new version that mitigates the vulnerabilities.
HP Updates
HP published an update for their Intel PROSet/Wireless WiFi advisory that was originally published on May 13th, 2025. The new information includes updating version and SoftPaq information for Business Notebooks, Business Desktops, Thin Clients, Consumer Notebooks, and Consumer Desktops.
HP published an update for their AMD Graphics Driver advisory that was originally published on February 11th, 2025. The new information includes updating version and SoftPaq information for Business Notebooks, Business Desktops, and Workstations.
HP published an update for their Elan Fingerprint Sensor advisory that was originally published on April 10th, 2025. The new information includes:
Updating G8 products to the Business Notebook list,
Updating the Resolution Note to indicate the different Elan FPS firmware update method specific to G8 products,
Adding the list for Thin Client PCs.
HPE Update
HPE published an update for their SANnav Management Portal advisory that was originally published on July 8th, 2025. The new information includes updating SN3600B with Lifetime Warranty (LW) to use Fabric OS 9.2.1c.
Mitsubishi Update
Mitsubishi published an update for their GENESIS64 advisory that was originally published on May 15th, 2025. The new information includes adding GENESIS to Affected products.
Moxa Updates
Moxa published an update for their OnCell 3120-LTE-1 advisory that was originally published on September 4th, 2024. The new information includes updating solutions.
Moxa published an update for their MGate MB3XXX advisory that was originally published on February 17th, 2022. The new information includes:
Adding MGate MB3660 Series in Affected Products,
Updating Solutions for all products, and
Adding Products Confirmed Not Affected section.
Tigo Exploit
Byte Reaper published an exploit for a command injection vulnerability in the Tigo Cloud Connect Advanced products. The vulnerability was previously reported by CISA.