Alert Details

Computer Network Defence Alert State



The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current security threat. An increase in alert state occurs immediately upon detection of a new threat, and the state drops again by one level each working day. The rationale is that vulnerabilities often occur in clusters, so reducing the alert state again quickly increases your visibility of new threats to the same product. It is important that the radar page is viewed at least daily in order to track these changes. Reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.



Current Alerts


SuSE has updated the kernel.

More info.


Debian has updated the kernel.

More info.


OpenSUSE has posted a kernel patch with security fixes.

More info.


A vulnerable OpenJDK CORBA component is included, but is not used in supported configurations. A local attacker with access to modify and execute code related to the vulnerable components may be able to breach confidentiality, integrity, and availability of the BIG-IP host.

More info.


SAP monthly patch day.  21 patches, 1 listed as "Hot News", 15 medium, 5 low.  6 are "Missing Authorization Check", 2 "Buffer Overflow", 1 "Missing Authentication Check".

More info.


Two vulnerabilities have been found in the firmware of a NETGEAR router. Exploiting these two vulnerabilities gives the attacker full remote unauthenticated root access to the device if it has WAN administration enabled.

More info.


EMC SourceOne Email Supervisor Security Update for Multiple Security Vulnerabilities 

More info.


A vulnerability in the TACACS protocol implementation of the Cisco Aggregation Services Router (ASR) 5000 and ASR 5500 (ASR5K) System Software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition because the vpnmgr process restarts.

More info.


Microsoft Patch Day.    Six bulletins, three marked Critical, four allow Remote Code Execution.   Updated products include IE, Edge, JScript and VBScript, Windows Shell, Office, and the Windows kernel.

More info.


Also Microsoft has updated their digital certificate bulletin.  With the October 13, 2015 revision of this advisory, Microsoft is announcing the availability of an update for all supported releases of Windows that modifies the Code Integrity component in Windows to extend trust removal for the certificates to also preclude kernel-mode code signing.

More info.


Adobe has published a patch for Adobe Acrobat and Reader.  There are 56 vulnerabilities patched.

More info.


Adobe has updated Flash Player with 14 vulnerabilities patched.

More info.


A cross-site scripting vulnerability has been identified in Nordex’s NC2 Wind Farm Portal application.  This vulnerability could be exploited remotely.  The patching of the NC2-SCADA system has to be done by Nordex.

More info.


Several models of ZyXEL routers are vulnerable to multiple issues, including weak default passwords, command injections due to improper input validation, and cross-site scripting.  ZyXEL has previously addressed some issues, and will address the remaining issues in October 2015.

More info.


Chrome has updated the stable channel with 24 security fixes.

More info.




Alert Definitions

NORMAL This alert state represents the normal level of security with minimal activity relating to the product. The next stage above this level is 2; however, falling alerts will go through 1 when returning to normal.

LOW This alert state indicates that an alert has been recognised for this product within the last few days but it is now returning to normal.  Inclusion of this level is for viewers that don't monitor this alert system regularly.

INCREASED This alert state indicates a need to increase the security posture due to an emerging threat for which there is currently no exploit, or you are witnessing the reduction in alert state after being at level 3 for more than 1 working day.

HIGH This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.

PATCHES This alert state indicates that patches are available for vulnerabilities that had previously resulted in a need for the alert state to increase and subsequently fall. The level of 2 or 3 indicates the urgency to patch.

EXPLOIT This alert state indicates that exploit code is available for vulnerabilities that had previously resulted in a need for the alert state to increase and subsequently fall. The level of 2 or 3 indicates the threat of the exploit.


ZERO This alert state indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  These can be especially dangerous if exploit code is available. The level of 2 or 3 indicates the threat of the vulnerability.





Useful Links


These are links our analysts and radar page patrons find useful. If you would like to suggest a link for this section, please send us your suggestions.

Any other comments on our site or the Radar Page are welcome as well!