Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately when an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Friday 09 December 2022


Aveva

Patch

InTouch Access Anywhere contains a Relative Path Traversal that could allow a remote attacker with network access to read files on the system outside of the secure gateway web server. CVSSv3 score of 7.5
More info.


Advantech

Patch

Advantech iView contains a SQL Injection vulnerability that could allow an attacker to acquire credentials. CVSSv3 score of 7.5
More info.


Dell

Patch

Dell ECS update is available for multiple security vulnerabilities in third-party software that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical.
More info.


WithSecure

Patch

A DoS vulnerability in the fsicapd component can be triggered remotely.  WithSecure rates this Medium.
More info.


  

Thursday 08 December 2022


TIBCO

Patch

TIBCO Nimbus Web Client contains a vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. CVSSv3 score of 9.3
More info.


Rockwell Automation

Patch

Logix Controllers contain a vulnerability that will allow a remote attacker to cause a DoS on a targeted device.  CVSSv3 score of 8.6
More info.


Lenovo

Patch

AMI reported potential security vulnerabilities in some AMI MegaRAC SP-X Baseboard Management Controller that may allow user enumeration, unauthorized access or arbitrary code execution. Highest CVSSv3 score of 9.8
More info.


Fortinet

Patch

Monthly Patches are out with 6 bulletins, 1 rated High, 2 rated Medium, and 3 rated Low.  Highest CVSSv3 score of 7.7
More info.


PHP

Patch

PHP has updates to fix several vulnerabilities.  Highest CVSSv3 score of 9.8
More info. And here. And here.


Wireshark

Patch

It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
More info. And here.


  

Wednesday 07 December 2022


Cacti

Patch

A command injection vulnerability allows a remote attacker to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. CVSSv3 score of 9.8
More info.


F5

New

BIG-IP and BIG-IQ are vulnerable to an issue in Java SE that could allow an attacker to create, delete or modify access to critical data. CVSSv3 score of 5.3
More info. And here.


Linux

Patch

Oracle Linux has updated the kernel. More info.
Red Hat has updated kpatch, grub2. More info.
Ubuntu has updated u-boot and others. More info.


  

Tuesday 06 December 2022


Intel

Patch

Potential security vulnerabilities in some Intel Server Board Baseboard Management Controller (BMC) firmware may allow escalation of privilege or information disclosure. Highest CVSSv3 score of 8.3
More info.


Google

Patch

Google Monthly Patches for Android have been published, and include fixes for 46 vulnerabilities, 4 rated Critical, plus Imagination Technologies, MediaTek, Unisoc, and Qualcomm.
More info.

Google Pixel Monthly Patches are also out, with 149 security vulnerability fixes, plus Qualcomm and Android patches.
More info.


Samsung

Patch

Samsung Monthly Patches are out, with 13 Samsung vulnerabilities, plus Google Android.
More info.


Microsoft

Exploit

Microsoft has updated Edge for the latest Chromium vulnerabilities, including the latest exploited vulnerability.
More info.


IBM

Patch

IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities. Highest CVSSv3 score of 9.8
More info. And here. And here. And here. And here. And here. And here. And here. And here.


Dell

Patch

Dell NetWorker vProxy remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected systems. Dell rates this Critical.
More info.

Dell has updated Avamar ADS Gen5A PowerEdge. Dell rates this Critical.
More info.


  

Monday 05 December 2022


Qualcomm

Patch

Qualcomm Monthly Patches are out, with 16 vulnerabilities, 1 rated Critical, 14 rated High, and 1 rated Medium. Highest CVSSv3 score of 8.4
More info.


MediaTek

Patch

MediaTek Monthly Patches include 19 vulnerabilities, 6 rated High and 13 rated Medium. No CVSSv3 scores assigned yet.
More info.


PostgreSQL

Patch

pgAdmin has been updated to ensure only authorized and authenticated users can validate binary paths when using pgAdmin running in server mode.
More info.


Google

Exploit

Google has updated Chrome for Desktop to fix a security vulnerability rated High.  An exploit exists.
More info.


  

Friday 02 December 2022


Sophos

Patch

Sophos Firewall has been updated to fix several security vulnerabilities, including RCE via the User Portal and Webadmin. Highest CVSSv3 score of 9.8
More info.


MISP

Patch

The latest version of MISP includes two security fixes for Critical vulnerabilities. CVSSv3 score of 10 according to CERT Bund.
More info.


Horner Automation

Patch

Horner Automation Remote Compact Controller update fixes 3 vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to obtain credentials to the affected device and obtain complete control. Highest CVSSv3 score of 9.8
More info.


IBM

Patch

IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution. Highest CVSSv3 score of 9.8
More info. And here. And here. And here. And here. And here.

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in cURL libcurl. CVSSv3 score of 9.8
More info.


Asterisk

Patch

Asterisk has published a bulletin identifying a remote crash vulnerability in the H323 channel add-on.
More info.


Google

Patch

Google has updated ChromeOS and fixed 1 High Severity bug.
More info.


NetApp

New

NetApp has published 4 new bulletins identifying vulnerabilities in third-party software included in their products.  No patches yet. Highest CVSSv3 score of 8.8
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Thursday 01 December 2022


Xerox

Patch

Xerox FreeFlow Print Server v7 and v9 have been updated with Oracle October 2022 patches. CVSSv3 score of 10, according to CERT Bund.
More info. And here.


Eaton

Patch

Form 7 recloser control and Proview NXG use CODESYS components. Eaton has published a bulletin identifying vulnerabilities from 2021 and 2022 in their products due to CODESYS. A remote attacker could download and execute malicious code, cause a DoS, or cause a device to restart unexpectedly.
More info.


Carrier

Patch

LenelS2’s OnGuard platform is vulnerable to a Client Authentication Bypass vulnerability in Erlang/OTP through the installation/use of RabbitMQ. CVSSv3 score of 9.8
More info.


Apple

Patch

Apple has published a security update for iOS, but no details are available yet.
More info.


IBM

Patch

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of GnuPG. Highest CVSSv3 score of 9.8
More info.

IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Expat, SQLite, libxml2, Libksba, zlib and GnuTLS. Highest CVSSv3 score of 9.8
More info.


Rockwell Automation

New

FactoryTalk Live Data Communication Module is vulnerable to a MitM attack. CVSSv3 score of 5.9
More info.


Veritas

Patch

Access Appliance and NetBackup Flex Scale are vulnerable to an unauthenticated command injection vulnerability. CVSSv3 score of 9.8
More info.


  

Wednesday 30 November 2022


NetBSD

Patch

ping contains memory safety bugs that can be triggered by a remote host, causing the ping program to crash. It may be possible for a malicious host to trigger remote code execution in ping. CVSSv3 score of 10, according to CERT Bund.
More info.


Google

Patch

Google has updated Chrome for Desktop to fix 28 security vulnerabilities.
More info.

Microsoft is aware. More info.


Linux

Patch

SUSE has updated the kernel. More info.
Red Hat has updated the kernel, kernelrt, and kpatch. More info.
Ubuntu has updated the kernel. More info.


  

Tuesday 29 November 2022


Festo

New

In multiple products by Festo, a remote unauthenticated attacker could use functions of undocumented protocols, which could lead to a complete loss of confidentiality, integrity and availability. CVSSv3 score of 9.8
The solution is to update the documentation.
More info.

Several products are shipped with an unsafe configuration of the integrated CODESYS Runtime environment. In this case no default password is set to the CODESYS PLC and therefore access without authentication is possible. Highest CVSSv3 score of 9.8
More info.


Mitsubishi Electric

Patch

A DoS vulnerability exists in MELSEC iQ-R Ethernet Interface Module. This vulnerability allows a remote unauthenticated attacker to cause a DoS by sending specially crafted packets. CVSSv3 score of 8.6
More info.


Moxa

Patch

Moxa Secure Router EDR and TN Series contain an Improper Input Validation Vulnerability that could allow a remote attacker to cause a buffer overflow that crashes the web service.
This is a different bulletin than yesterday's.
More info.


Microsoft

Exploit

Microsoft has updated Edge to fix the latest exploited vulnerability in Chromium.
More info.


F5

New

A flaw in BIG-IP named resolver code can cause it to spend excessive amounts of time processing large delegations. By flooding the target resolver with queries exploiting this flaw, an attacker can deny legitimate clients access to the DNS resolution service. CVSSv3 score of 5.3
No patches yet.
More info.


NetApp

New

NetApp has published 6 new bulletins identifying 5 vulnerabilities in Brocade SANnav and a vulnerability in Samba included in their products.
More info.


  

Monday 28 November 2022


Google

Exploit

Google has updated Chrome for Desktop to fix 1 security vulnerability rated High.
More info.


Atos

Patch

A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Atos Unify OpenScape 4000 Manager that may allow an unauthenticated attacker to upload arbitrary files and get administrative access to the system. CVSSv3 score of 9.8
More info.


Moxa

Patch

Moxa Secure Router EDR and TN Series contain an Improper Input Validation Vulnerability that could allow a remote attacker to cause a buffer overflow that crashes the web service.
More info.


Linux

Patch

Mageia has updated the kernel and kernel firmware. More info.
Oracle Linux has updated the kernel. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.