Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately when an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Tuesday 30 May 2023


Belden

Patch

Multiple libexpat vulnerabilities exist in HiOS, Classic, HiSecOS, Wireless BAT-C2, Lite Managed, and Edge.  Highest CVSSv3 score of 9.8
More info.

StrongSwan vulnerability exists in Eagle and OWL. CVSSv3 score of 7.5
More info.


Hitachi

Patch

Hitachi has published updates for JP1/Veritas and Cosminexus HTTP Server.
More info.


  

Monday 29 May 2023


IBM

Patch

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Perl. CVSSv3 score of 9.8
More info.

A vulnerability in Etcd-io could affect IBM CICS TX Standard. CVSSv3 score of 9.8
More info. And here.

IBM App Connect Enterprise Certified Container is vulnerable to arbitrary code execution. CVSSv3 score of 9.8
More info. And here.

Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Go. Highest CVSSv3 score of 9.8
More info.


NetApp

New

NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products.  Highest CVSSv3 score of 9.8.
Three have patches.
More info.


Linux

Patch

Ubuntu has updated linux PTP. More info.


  

Friday 26 May 2023


BD

Patch

BD has published third-party software updates for several products.
More info.


HPE

Patch

A security vulnerability in the OpenSSL Library impacts HPE IceWall products. The vulnerability could be exploited resulting in remote DoS. CVSSv3 score of 7.5
More info.


NetApp

Patch

NetApp Blue XP Connector exposes information via a directory listing.  CVSSv3 score of 5.3
More info.


  

Thursday 25 May 2023


Zyxel

Patch

Zyxel has released patches for firewalls affected by multiple buffer overflow vulnerabilities. CVSSv3 score of 9.8
More info.


Wireshark

Patch

Wireshark has published 9 new bulletins identifying DoS vulnerabilities. CVSSv3 score of 6.5
More info.


  

Wednesday 24 May 2023


Netgate

Patch

An IPv6 packet larger than the MTU on an interface can lead to a kernel panic in pf, resulting in a DoS.
More info.


Hitachi Energy

New

Multiple vulnerabilities in libexpat affect the AFS65x, AFS66x, AFS67x, AFR67x and AFF66x series products. Highest CVSSv3 score of 9.8
Mitigations only, patches are coming.  Some products are EoL.
More info.


Bosch

Patch

Video Management System, Access Management System, and Building Integration System are using a vulnerable version of the Microsoft .NET package. A remote code execution vulnerability exists due to how text encoding is performed. CVSSv3 score of 9.8
More info.


GitLab

Patch

GitLab CE/EE contains a path traversal vulnerability that allows a remote attacker to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. CVSSv3 score of 10
More info.


Dell

Patch

PowerEdge T30 and T40 Mini Tower contain a vulnerability in Tianocore EDK2. CVSSv3 score of 9.8
More info.


Linux

Patch

Red Hat has updated the kernel. More info.
Oracle Linux has updated the kernel and many others. More info.


  

Tuesday 23 May 2023


Mitsubishi Electric

Patch

DoS and RCE vulnerabilities exist in the MELSEC Series CPU modules. A remote attacker may cause a DoS condition or execute malicious code on a target product by sending specially crafted packets. CVSSv3 score of 10.
More info.


Meinberg

Patch

The LANTIME firmware includes security updates of various third party libraries and programs. Most rated Medium.
More info.


IBM

Patch

There are multiple vulnerabilities that affect IBM Engineering Requirements Quality Assistant On-Premises. Highest CVSSv3 score of 9.8
More info.


Hitachi

Patch

Hitachi has published security updates for Cosminexus HTTP Server, Ops Center Analyzer, Ops Center Viewpoint, Ops Center Common Services,
More info.


Apache

Patch

Tomcat has fixed a DoS vulnerability. CVSSv3 score of 7.5
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.
Red Hat has updated sudo. More info.


  

Friday 19 May 2023


Johnson Controls

Patch

A vulnerability impacting OpenBlue Enterprise Manager Data Collector allows a remote attacker to expose sensitive information. CVSSv3 score of 10
More info. And here.


Carlo Gavazzi

Exploit

Carlo Gavazzi Powersoft has a directory traversal vulnerability that can allow a remote attacker to access and retrieve any file through specially crafted GET requests to the server. Product is EoL, no fixes will be available. Proof of Concept exists. CVSSv3 score of 7.5
More info.


Apple

Exploit

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Updates are available for Safari, iOS, iPadOS, watchOS, tvOS, and macOS.  At least one vulnerability is being actively exploited.
More info. And here.


Microsoft

Patch

Microsoft has updated Edge to include the latest chromium security updates.
More info.


WithSecure

Patch

A DoS vulnerability was discovered in WithSecure products whereby the scanning engine may crash when unpacking a PE file. The exploit can be triggered remotely by an attacker.
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.
Mageia has updated the kernel. More info.


  

Thursday 18 May 2023


Cisco

Exploit

Cisco has published 9 new bulletins and 1 updated bulletin.  Of the new bulletins, 1 is rated Critical, the rest are Medium. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow a remote attacker to cause a DoS or execute arbitrary code with root privileges on an affected device. Exploit code exists. Only some of the vulnerable equipment will receive patches, the others are EoL. Highest CVSSv3 score of 9.8
More info.


Mitsubishi Electric

Patch

MELSEC WS Series products have the hidden Telnet function enabled by default. An authentication bypass vulnerability allows a remote attacker to illegally log into the affected module by connecting to it via telnet. CVSSv3 score of 7.5
More info.


IBM

Patch

Vulnerabilities in Golang Go affect IBM CICS TX Standard. CVSSv3 score of 9.8
More info. And here.

IBM InfoSphere Information Server is affected by multiple vulnerabilities in JQuery, Node.js and Swagger UI. Highest CVSSv3 score of 9.8
More info.


Dell

Patch

Remediation is available for Avamar, NetWorker Virtual Edition (NVE) and PowerProtect DP Series Appliance/IDPA for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.


Xerox

Patch

FreeFlow Print Server v7 has been updated with Oracle, OpenJDK, Apache, and Firefox patches.
More info.


NetApp

Patch

NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products.  Five have patches. Highest CVSSv3 score of 9.8
More info.


Aruba

Patch

Aruba has released patches for Aruba access points running InstantOS and ArubaOS that address multiple security vulnerabilities.  Highest CVSSv3 score of 9.8
More info.


  

Wednesday 17 May 2023


Google

Patch

Google has published an update for Chrome for Desktop that includes 12 security fixes.  At least 1 is rated Critical.
More info.

Microsoft is aware.  More info.


Snap One

Patch

OvrC Cloud, OvrC Pro Devices contain several vulnerabilities that allow a remote attacker to impersonate and claim devices, execute arbitrary code, and disclose information about the affected device. CVSSv3 score of 8.6
More info.


WAGO

Patch

WAGO products contain a vulnerability that allows unauthenticated command execution via Web-based management. CVSSv3 score of 9.8
More info.


IBM

Patch

Fixes for multiple security vulnerabilities have shipped with IBM Security Verify Bridge (Docker version). Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities have been fixed in IBM Security Verify Information Queue. Highest CVSSv3 score of 9.8
More info. And here.

Multiple security vulnerabilities have been fixed in IBM Security Verify products.  Highest CVSSv3 score of 9.8
More info. And here. And here. And here. And here. And here.

Multiple publicly disclosed Libcurl vulnerabilities affect IBM Safer Payments. Highest CVSSv3 score of 9.1
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Mageia has updated the kernel. More info.
Amazon Linux 2 has updated the kernel. More info.


  

Tuesday 16 May 2023


SICK

Patch

Multiple security vulnerabilities in the SICK FTMg device could allow a remote attacker to impact the availability or confidentiality of the FTMg device. Highest CVSSv3 score of 7.5
More info.


IBM

Patch

IBM Edge Application Manager addresses security vulnerabilities in open source software. Highest CVSSv3 score of 9.8
More info.


Hitachi

Patch

Hitachi has updated Command Suite, Automation Director, Configuration Manager, Infrastructure Analytics Advisor, and Ops Center with fixes for vulnerabilities introduced by Oracle products.  Highest CVSSv3 score of 7.4
More info.


vm2

Patch

vm2 has been updated to fix a vulnerability where a remote attacker could edit options for console.log. CVSSv3 score of 5.3
More info.


Linux

Patch

Red Hat has updated the kernel. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW 

This bottom descriptor is used for a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.