Vulnerability Details
The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately an issue is detected and it will drop again by one level each working day.
Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.
Friday 19 April 2024
Palo Alto Networks
Exploit
All patches are now out. CVSSv4 score of 10.
Actively exploited.
More info.
Rockwell Automation
Patch
FactoryTalk Production Centre is vulnerable to an Apache ActiveMQ vulnerability. CVSSv3 score of 9.8
More info.
Microsoft
Patch
Microsoft has updated Edge with the latest Chromium updates as well as three Edge-specific updates.
More info.
Dell
Patch
Xerox
New
Workplace Cloud contains a Critical vulnerability in the Job Processing feature. Xerox recommends disabling the Job Processing feature until a patch is available.
More info.
NetApp
New
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 10.
More info.
Unitronics
New
Unitronics Vision Standard PLCs allow a remote attacker to retrieve the 'Information Mode' password in plaintext. CVSSv3 score of 7.5
More info.
Thursday 18 April 2024
Palo Alto Networks
Exploit
PoCs are out for the GlobalProtect vulnerability. CVSSv4 score of 10.
Actively exploited. More patches expected today and tomorrow.
More info.
Cisco
Patch
Cisco has released 3 new bulletins, 2 rated High and 1 rated Medium. Highest CVSSv3 score of 8.8
More info.
A vulnerability in the implementation of SNMP IPv4 ACL could allow a remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. CVSSv3 score of 5.3
More info.
Mitel
Patch
An authentication bypass vulnerability and an information disclosure vulnerability in the 6800 Series, 6900 Series and 6900w Series SIP Phones, including the 6970 Conference Unit, could allow a remote attacker to conduct an unauthorized access attack due to improper authentication control. Highest CVSSv3 score of 6.5
More info. And here.
Broadcom
Patch
ClamAV
Patch
A vulnerability exists in the HTML file parser that could cause a DoS. CVSSv3 score of 7.5
More info.
Atlassian
Patch
Seven high-severity vulnerabilities have been fixed in Bamboo/Confluence/Jira Data Center and Server. Highest CVSSv3 score of 8.2
More info.
Linux
Patch
Wednesday 17 April 2024
Palo Alto Networks
Exploit
The GlobalProtect vulnerability guidance is changing: disabling Telemetry, previously reported as a workaround, does not provide protection. CVSSv4 score of 10.
Actively exploited. Some patches available.
More info.
Mozilla
Patch
Mozilla has updated Firefox and Firefox ESR for vulnerabilities rated High.
More info.
Electrolink
New
Electrolink transmitters are vulnerable to several security vulnerabilities, including Authentication Bypass, Missing Authentication, and Cleartext Storage of Sensitive Information. Highest CVSSv4 score of 8.7
More info.
Broadcom
Patch
Patch
Chrome for Desktop has been updated to fix 23 security vulnerabilities.
More info.
Ivanti
Patch
Avalanche has been updated to address vulnerabilities reported last month. Highest CVSSv3 score of 9.8
More info.
Tuesday 16 April 2024
Oracle
Patch
Oracle Quarterly Critical Patch Update is out, with 441 security patches, with 285 of these exploitable without authentication.
More info.
Hitachi
Patch
Hitachi has published updates in JP1 and Cosminexus.
More info.
PuTTY
Patch
Biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures.
More info.
Linux
Patch
Red Hat has updated the kernel. More info.
Monday 15 April 2024
Palo Alto Networks
Exploit
A command injection vulnerability in the GlobalProtect feature for specific PAN-OS versions and distinct feature configurations may enable a remote attacker to execute arbitrary code with root privileges on the firewall. CVSSv4 score of 10
Some patches are now available.
Exploits reported.
More info.
Microsoft
Patch
Microsoft has updated Edge with the latest Chromium updates.
More info.
HPE
Patch
Security vulnerabilities have been identified in HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 that could be exploited to overwrite SMM memory leading to execution of arbitrary code with privilege elevation. CVSSv3 score of 9.8
More info.
HP
Patch
HP ThinPro contains security vulnerabilities. Highest CVSSv3 score of 9.8
More info.
NetApp
Patch
NetApp has published 13 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 8.4
Six have patches.
More info.
Friday 12 April 2024
Palo Alto Networks
0-Day
A command injection vulnerability in the GlobalProtect feature for specific PAN-OS versions and distinct feature configurations may enable a remote attacker to execute arbitrary code with root privileges on the firewall. CVSSv4 score of 10
Patches expected by 14 April; this is being exploited.
More info.
Rockwell Automation
Patch
An input validation vulnerability exists in 5015-AENFTXT that causes the secondary adapter to result in a major nonrecoverable fault when malicious input is entered resulting in a DoS that requires a manual restart. CVSSv4 score of 8.7
More info.
ControlLogix and GuardLogix are vulnerable to a major nonrecoverable fault due to an invalid header value resulting in a DoS that requires a manual restart. CVSSv4 score of 9.2
More info.
Dell
Patch
Storage Resource Manager and Storage Monitoring and Reporting remediation is available for multiple security vulnerabilities. Dell rates this Critical.
More info.
IBM
Patch
IBM Sterling B2B Integrator uses Apache Commons BCEL and contains a vulnerability. CVSSv3 score of 9.8
More info.
Due to use of Postgresql JDBC, IBM Instana Observability is vulnerable to SQL injection. CVSSv3 score of 10
More info.
IBM Disconnected Log Collector includes components with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.
IBM QRadar SIEM includes vulnerable components that could be identified and exploited with automated tools. Highest CVSSv3 score of 9.8.
More info.
Linux
Patch
SUSE has updated the kernel. More info.
Thursday 11 April 2024
Patch
Palo Alto Networks
Patch
Monthly Patches are out for Palo Alto Networks with 8 bulletins, 4 rated High, 3 Medium, and 1 Informational. Highest CVSSv3 score of 8.3
More info.
A packet processing mechanism in PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. CVSSv3 score of 8.2
More info.
A vulnerability in PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving NTLM packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.
More info.
A memory leak exists in PAN-OS software that enables a remote attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. CVSSv3 score of 8.2
More info.
Languages
New
A vulnerability was discovered in the way multiple programming languages fail to properly escape the arguments in a Microsoft Windows command execution environment. Successful exploitation of this vulnerability permits an attacker to execute arbitrary commands.
This affects Haskell, Node.js, Rust (reported yesterday), PHP, yt-dlp, and perhaps others.
More info.
Node.js has updated. More info.
Juniper Networks
Patch
Juniper Networks April Patches include 36 bulletins, 3 rated Critical, 10 rated High, and 23 rated Medium. Highest CVSSv3 score of 9.8
More info.
Multiple vulnerabilities have been resolved in Juniper Networks Junos cRPD and Juniper Cloud Native Router by updating third party software. Some CVEs date back to 2011. Highest CVSSv3 score of 9.8
More info. And here.
Multiple vulnerabilities have been resolved in Juniper Networks Junos OS and Junos OS Evolved by updating cURL libraries. Highest CVSSv3 score of 9.8
More info.
Spring
Patch
Spring Framework has been patched to fix a URL Parsing vulnerability. CVSSv3 score of 8.1
More info.
IBM
Patch
QRadar Suite Software includes components with known vulnerabilities. Highest CVSSv3 score of 10.
More info.
IBM Sterling B2B Integrator uses Apache CXF. Highest CVSSv3 score of 9.8
More info.
IBM Maximo Application Suite - Monitor Component uses Node.js IP which is vulnerable. CVSSv3 score of 9.8
More info.
A vulnerable version of the Postgresql JDBC driver is shipped with IBM Tivoli Netcool Impact. CVSSv3 score of 10.
More info.
Vulnerabilities have been identified with the DS8900F Hardware Management Console (HMC). Highest CVSSv3 score of 9.8
More info.
Wednesday 10 April 2024
Microsoft
Patch
Adobe
Patch
Fortinet
Patch
Fortinet Monthly Patches includes 13 bulletins. Highest CVSSv3 score of 9.4
More info.
A vulnerability in FortiClientLinux may allow a remote attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website. CVSSv3 score of 9.4
More info.
A vulnerability in FortiOS may allow a remote attacker to fingerprint the device version via HTTP requests. CVSSv3 score of 5
More info.
A vulnerability in FortiNAC-F may allow a remote attacker to perform a MitM attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F. CVSSv3 score of 4.4
More info.
Rust
Patch
The Rust standard library did not properly escape arguments when invoking batch files on Windows using the Command API. A remote attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands. CVSSv3 score of 10
More info.
Pepperl+Fuchs
New
Pepperl+Fuchs: ICE2-* and ICE3-* products are affected by multiple vulnerabilities in third-party software. Highest CVSSv3 score of 7.5
No patches yet.
More info.
HPE
Patch
Security vulnerabilities have been identified in HPE Unified Correlation Analyzer that could be exploited by a remote attacker to allow RCE, DoS, unauthorized access, memory corruption, XML external entity (XXE), and insecure deserialization. Highest CVSSv3 score of 9.8
More info.
Linux
Patch
Tuesday 09 April 2024
SAP
Patch
SAP Security Patch Day saw the release of 10 new Security Notes and 2 updated Security Notes. Highest CVSSv3 score of 8.8
More info.
Siemens
Patch
Siemens Monthly Patches are out, with 8 new bulletins and 11 updated bulletins. Highest CVSSv3 score of 9.8
More info.
The SCALANCE W1750D devices contain multiple vulnerabilities that could allow a remote attacker to achieve information disclosure or RCE. Highest CVSSv3 score of 9.8
More info.
SINEC NMS is affected by multiple vulnerabilities. Highest CVSSv3 score of 7.6
More info.
Siemens has released a new version for Telecontrol Server Basic that fixes multiple vulnerabilities. Highest CVSSv3 score of 8.8
More info.
Multiple vulnerabilities in Palo Alto Networks Virtual NGFW exist on RUGGEDCOM APE1808 devices. Highest CVSSv3 score of 8.8
More info. And here.
Schneider Electric
Patch
Schneider Electric includes 1 new bulletin and 3 updated bulletins in their Monthly Patches. The new bulletin has a CVSSv3 score of 7.8
More info.
Unisoc
Patch
Monthly Patches for Unisoc chipset for Android are out with 4 addressed vulnerabilities. Highest CVSSv3 score of 6.2
More info.
Welotec
Patch
Welotec has reported two vulnerabilities in the TK500v1 router series that could allow a remote attacker to manipulate the device. Highest CVSSv3 score of 9.8
More info.
Monday 08 April 2024
FRRouting
Patch
In FRRouting a remote attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash. CVSSv3 score of 7.5
More info.
Westermo
Patch
WeOS uses the WebDAV PROPFIND and could allow a remote attacker to obtain sensitive information. CVSSv3 score of 5.3
More info.
Dell
Patch
OpenSSL
New
A remote attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a DoS.
No patches available.
More info.
Friday 05 April 2024
Brocade
Patch
An RCE vulnerability in Brocade Fabric OS could allow a remote attacker to execute arbitrary code and use this to gain root access to the switch. CVSSv3 score of 8.6
More info.
Apache
Patch
Dell
Patch
BD
Patch
BD has updated Assurity Linc and MAX to fix security vulnerabilities in third-party software.
More info.
Microsoft
Patch
Microsoft has updated Edge with the latest Chromium fixes and 2 Edge-specific vulnerabilities.
More info.
NetApp
New
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 7.2
No patches yet.
More info.
Thursday 04 April 2024
Cisco
Patch
HTTP/2
New
Many HTTP/2 implementations do not properly limit or sanitize the amount of CONTINUATION frames sent within a single stream. A remote attacker that can send packets to a target server can send a stream of CONTINUATION frames causing an OOM crash. CVSSv3 score of 7.5
More info.
Node.js has updated. More info.
Ivanti
Patch
Vulnerabilities have been discovered in Ivanti Connect Secure. Highest CVSSv3 score of 8.2
More info.
ABB
Patch
A DoS vulnerability in Control API ‘VPNI’ impacts S+ Operations, S+ Engineering and S+ Analyst. CVSSv3 score of 7.5
More info.
HPE
Patch
Security vulnerabilities have been identified in HPE Unified OSS Console Assurance Monitoring (UOCAM). These vulnerabilities could allow a remote attacker to achieve Authentication Bypass, DoS, SSRF. Highest CVSSv3 score of 9.8
More info.
Lexmark
Patch
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. CVSSv3 score of 8.8
More info.
Linux
Patch
Oracle Linux has updated the kernel. More info.
Wednesday 03 April 2024
VMware
Patch
Multiple vulnerabilities have been fixed in VMware SD-WAN. Highest CVSSv3 score of 7.4
More info.
Supermicro
Patch
Three security issues have been discovered in select Supermicro motherboards. Highest CVSSv3 score of 8.3
More info.
Patch
Hitachi
Patch
Hitachi has published several security bulletins for Cosminexus.
More info.
TRENDnet
Patch
TRENDnet has updated TEW-827DRU Firmware to fix a vulnerability that allows a remote attacker to gain root access to the device.
More info.
NetApp
New
NetApp has published 3 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 10.
No patches yet.
More info.
Linux
Patch
Tuesday 02 April 2024
Patch
Android Monthly Patches are out, with 8 vulnerabilities, all rated High, plus MediaTek, Widevine, and Qualcomm patches.
More info.
Samsung
Patch
Samsung Monthly Patches for Mobile are out, with Android patches and 17 additional Samsung vulnerabilities.
More info.
IBM
Patch
IBM Cloud Pak for Network Automation update addresses multiple vulnerabilities. Highest CVSSv3 score of 9.8
More info.
IBM App Connect Enterprise Certified Container instances that run or edit flows containing JSONata mapping are vulnerable to arbitrary code execution. CVSSv3 score of 9.8
More info.
IBM App Connect Enterprise is vulnerable to a DoS and RCE. Highest CVSSv3 score of 9.8
More info.
A vulnerability in Pillow affects IBM Process Mining. CVSSv3 score of 9.
More info.
IBM Jazz for Service Management and IBM Tivoli Netcool Impact are vulnerable to Apache Derby security bypass. CVSSv3 score of 9.1
More info. And here.
Netcool Operations Insights has addressed multiple security vulnerabilities. Highest CVSSv3 score of 9.8
More info.
IBM Maximo Application Suite uses postgresql-42.3.8.jar which is vulnerable. CVSSv3 score of 10.
More info.
Linux
Patch
Amazon Linux 2 has updated the kernel. More info.
Monday 01 April 2024
XZ Utils
Exploit
A backdoor has been installed in XZ Utils. It was discovered before it made its way into most Linux distributions and its impact should be limited. CVSSv3 score of 10.
More info. And here. And here.
Arch Linux has published a bulletin. More info.
Debian's bulletin identifies testing, unstable, and experimental distributions as affected. More info.
Gentoo says they don't think they're affected. More info.
NetBSD is unaffected. More info.
QNAP says their products are not affected. More info.
Qualcomm
Patch
Qualcomm Monthly Patches are out, with 12 addressed vulnerabilities, 1 rated Critical and the rest High. Highest CVSSv3 score of 9.8
More info.
MediaTek
Patch
The MediaTek Monthly Patches include 19 vulnerabilities, 4 rated High and the rest Medium. These vulnerabilities can lead to RCE, DoS, EoP, and Information Disclosure.
More info.
Eaton
Patch
Eaton has identified their PowerAlert Element Manager product as being updated to fix the 2021 Apache log4j vulnerabilities. CVSSv3 score of 10.
More info.
Microsoft
Patch
Microsoft has updated Edge to include the latest Chromium fixes.
More info.
Dell
Patch
Data Protection Advisor has been updated to fix multiple vulnerabilities. Dell rates this Critical.
Note the vulnerabilities date back to 2016, and include log4j.
More info.
HPE
Patch
A security vulnerability has been identified in Web ViewPoint Enterprise software. A remote attacker can access resources on a NonStop system. CVSSv3 score of 8.3
More info.
PRODUCT
GUARDED
This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.
PRODUCT
INCREASED
This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.
PRODUCT
HIGH
This alert state indicates a more serious vulnerability which is exploitable.
PRODUCT
CRITICAL
This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.
NEW
This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.
+24hrs
This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.
PATCH
This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported. It could be paired with Increased or High, and on rare occasions Critical.
EXPLOIT
This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported. It could be paired with High or Critical.
ZERO DAY
This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known. It could be paired with High or Critical.