Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat.  Any increase in an alert state occurs as soon as an issue is detected, and the state drops again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters, so reducing the alert state again quickly increases your visibility of new threats to the same product.  Daily reductions in alert state occur at approximately 1900 GMT/UTC.  Significant vulnerabilities may remain for longer.  Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Thursday 14 November 2019

Dell

Patch

Dell has published a security bulletin rated Critical.  Oracle JRE within Dell EMC Storage Monitoring and Reporting requires a security update to address various vulnerabilities.
More info.


Xerox

Patch

Xerox has published updates that apply the October Microsoft updates and Java and Firefox updates to the FreeFlow Print Server.
More info.


F5

New

An attacker can use Function inside of vulnerable versions of lodash to execute malicious code using the Traffic Management User Interface (TMUI) or iControl REST API.
More info.


Synology

Patch

A vulnerability allows remote attackers to conduct denial-of-service attacks via a susceptible version of Synology Assistant.
More info.


Linux

Patch

SUSE has updated the kernel and microcode.  More info.
OpenSUSE has updated the kernel, microcode, and others.  More info.
Arch Linux has updated the microcode.  More info.
RedHat has updated the kernel.  More info.
CentOS has updated the kernel, microcode, thunderbird, and others.  More info.
Oracle Linux has updated the kernel.  More info.
Debian has updated the kernel, microcode, and others.  More info.
Scientific Linux has updated the kernel.  More info.



Wednesday 13 November 2019

Microsoft

Patch

Microsoft Monthly Patches are out.  There is a total of 74 vulnerabilities, including two advisories. 14 of the vulnerabilities are rated critical. Two vulnerabilities had been disclosed prior to today, and one critical scripting engine vulnerability that may lead to RCE has already been exploited in the wild.
More info.  And here.  And here.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.  This is actively being exploited.
More info.


Adobe

Patch

Adobe Monthly Patches are out.  Adobe has released security updates to address vulnerabilities in Animate CC 2019, Illustrator CC, Media Encoder, and Bridge CC. An attacker could exploit some of these vulnerabilities to take control of an affected system.
More info.


Intel

Patch

Intel has published 18 bulletins, two rated Critical and eight rated High.
More info.

Potential security vulnerabilities in Intel Baseboard Management Controller (BMC) firmware may allow escalation of privilege, denial of service and/or information disclosure.
More info.

Potential security vulnerabilities in Intel CSME, Intel SPS, Intel TXE, Intel AMT, Intel PTT, and Intel DAL may allow escalation of privilege, denial of service or information disclosure.
More info.

Lenovo has published updates for the Intel vulnerabilities.  More info.
Supermicro has published updates.  More info.
HP has published updates.  More info.
Dell has published updates.  More info.
FreeBSD has updated for two Intel vulnerabilities.  More info.
Citrix has updated.  More info.
Xen has updated.  More info.
NetApp has published eight bulletins.  More info.


Philips

New

Philips has become aware of a potential issue with inadequate encryption strength associated with the Philips IntelliBridge EC40 and EC80 Hub. Successful exploitation of this issue may allow an unauthorized user access to the hub, and may allow access to execute software, modify system configuration, or view/update files, including unidentifiable patient data.
More info.


McAfee

Patch

An ePolicy Orchestrator update fixes multiple Java vulnerabilities that can allow Information Exposure, DoS, and Information Modification.
More info.

Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity.
More info.


F5

New

Traffix SDC is vulnerable to issues in libpcap.
More info.


Linux

Patch

SUSE has updated the kernel, python, dhcp, and others.  More info.
Arch Linux has updated the kernel and others.  More info.
RedHat has updated the kernel.  More info.
Oracle Linux has updated the kernel.  More info.
Ubuntu has updated the kernel and others.  More info.



Tuesday 12 November 2019

SAP

Patch

SAP Monthly Patches are out.  There are 12 new security notes and three updated ones.  All of the updated notes are rated Hot News, one new bulletin is rated Hot News, one is High, the rest are Medium.  Three bulletins address missing authorization vulnerabilities.
More info.


Siemens

New

Siemens Monthly Patches are out.  There are three new bulletins, and five updated bulletins.  Several of the updates include patches to previously reported vulnerabilities.
More info.

The latest update for Desigo PXC devices fixes a vulnerability that could allow unauthenticated remote users to cause a denial of service condition on the PX Web interface (HTTP, port tcp/80) of a device.
More info.


Schneider

Patch

Schneider Electric has published Monthly Patches, with two new bulletins and six updated bulletins.  The two new bulletins address XSS in Andover Continuum and Information Exposure in Modicon Controllers.  New bulletins are not yet available on the site.
More info.


F5

New

F5 has identified that their products are vulnerable to recent issues patched in tcpdump.  No fixes yet.
More info.



Monday 11 November 2019

Squid

Patch

Multiple vulnerabilities have been published for squid, including HTTP response splitting, DoS, and RCE.
More info.


Gemalto

New

Thales/Gemalto Product Security Team has investigated recently reported vulnerabilities in Sentinel LDK License Manager.
More info.


IBM

Patch

IBM QRadar SIEM is vulnerable to multiple kernel and Eclipse Jetty vulnerabilities.
More info.  And here.


Linux

Patch

SUSE has updated libssh, apache, and others.  More info.
OpenSUSE has updated php, firefox, thunderbird, python, and others.  More info.
Arch Linux has updated the kernel and squid.  More info.
Debian has updated chromium.  More info.
Ubuntu has updated bash. More info.



Friday 8 November 2019

Medtronic

Patch

Medtronic Valleylab FT10 and FX8 products use multiple sets of hard-coded credentials, reversible one-way hash, and a vulnerable version of the rssh utility.  Patches for FT10 are available.
More info.  And here.


Mitsubishi

Patch

Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series CPU Modules contain a security vulnerability that would allow a remote attacker to cause a DoS through the FTP service.
More info.


Chrome

Patch

Google has released an update for Chrome for Desktop containing 4 security fixes.
More info.


Honeywell

Patch

Honeywell MAXPRO VMS contains two vulnerabilities that can allow Unauthenticated RCE via unsafe binary deserialization and Unauthenticated Remote arbitrary SQL command execution.
More info.


Hitachi

Patch

Hitachi has published security bulletins for Cosminexus HTTP Server, Hitachi Command Suite, and Hitachi Infrastructure Analytics Advisor.
More info.


Linux

Patch

SUSE has updated thunderbird, gdb, and others.  More info.
Gentoo Linux has updated openssl, openssh, and others.  More info.
Mageia has updated chromium, thunderbird, firefox, python, proftpd, and others.  More info.
Scientific Linux has updated thunderbird.  More info.



Thursday 7 November 2019

Cisco

Patch

Cisco has published 16 bulletins for their products, 8 rated High, 6 Medium, and 2 are Informational.
More info.

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system.
More info.

Multiple vulnerabilities in the video service of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
More info.

Cisco firmware for Cisco RV320 and RV325 Dual Gigabit WAN VPN Routers and RV016, RV042, RV042G, and RV082 Routers is affected by static certificates and keys, hardcoded password hashes, and multiple vulnerabilities in third-party software components.
More info.  And here.


Moxa

Patch

Moxa has reported vulnerabilities in EDS-405A Series Ethernet Switches that could allow an attacker to cause a DoS.
More info.


NetApp

New

NetApp has published five bulletins documenting third-party software vulnerabilities in their products. No patches.
More info.


Linux

Patch

SUSE has updated libssh and php.  More info.
OpenSUSE has updated chromium.  More info.
Arch Linux has updated squid and the kernel.  More info.
RedHat has updated chromium, thunderbird, sudo, and others.  More info.
Scientific Linux has updated sudo.  More info.
Amazon Linux has updated subversion and docker.  More info.
Amazon Linux 2 has updated dovecot, samba, and others.  More info.



Wednesday 6 November 2019

Omron

Patch

Omron CX-Supervisor uses a vulnerable version of TeamViewer.  Successful exploitation could result in information disclosure, total compromise of the system, and system unavailability.
More info.

Omron has released an updated version of Network Configurator for DeviceNet Safety to address a previously reported vulnerability.
More info.


Linux

Patch

SUSE has updated samba, libssh, and others.  More info.
OpenSUSE has updated php, python, the kernel, and others.  More info.
RedHat has updated php, python, and others.  More info.
Debian has updated proftpd.  More info.
Ubuntu has updated nokogiri, haproxy, and others.  More info.



Tuesday 5 November 2019

Qualcomm

Patch

Qualcomm has published their monthly patches, with 13 fixed vulnerabilities.  Five are marked Critical, six are High, the other two are Medium.  Six have an attack vector of Remote.
More info.


Google

Patch

Google has published their Monthly Patches for Android.  There are 27 vulnerability fixes plus the Qualcomm patches.  Three are rated Critical, four allow RCE.
More info.

They have also released the Monthly Patches for Pixel, with 19 fixed vulnerabilities, with one allowing RCE.
More info.


Brocade

Patch

Brocade has published seven new bulletins for their SANnav product, covering MitM, weak encryption, hardcoded passwords and more.  Highest CVSSv3 score is 7.5.
More info.


F5

New

All F5 products are vulnerable to a DoS vulnerability in tcpdump.  When tcpdump is active and configured to parse FRF.16 traffic, certain traffic patterns may trigger a crash or other unexpected behavior of the tcpdump process.
More info.


Tenable

Patch

Tenable has published a standalone PHP patch for Tenable.sc.
More info.


Linux

Patch

SUSE has updated samba and python-ecdsa.  More info.
Arch Linux has updated electron and samba. More info.
Debian has updated webkit2gtk.  More info.



Monday 4 November 2019

ABB

Exploit

ABB is aware of public reports of a vulnerability in Power Generation Information Manager and Plant Connect. An attacker who exploits this vulnerability can bypass authentication and extract the user credentials used within the application. CVSSv3 score of 9.8.
Note this statement: "In some cases, end users have used the same usernames and passwords for Windows login. In such instances, if an unauthorized user extracts credentials for PGIM and Plant Connect, then they would also be in possession of Windows credentials, potentially compromising the security of the Domain."

An updated product, Symphony Plus Historian, is available that resolves the publicly reported vulnerabilities.
More info.


Xerox

Patch

Multiple security vulnerabilities have been fixed in Xerox AltaLink products.
More info.


QNAP

Exploit

The QSnatch malware is reportedly being used to target QNAP NAS devices. QNAP has added rules to remove the QSnatch malware and released Malware Remover 3.5.4.0 and 4.5.4.0.
More info.


Linux

Patch

OpenSUSE has updated chromium.  More info.
Arch Linux has updated chromium, ghostscript, python, glibc, and others. More info.
CentOS has updated php, firefox, nss, and others.  More info.
Scientific Linux has updated firefox and php.  More info.
Amazon Linux and Amazon Linux 2 have updated php.  More info.



Friday 1 November 2019

Chrome

Patch

Google has published a new version of Chrome for Desktop that contains two security fixes, the most severe of which could result in arbitrary code execution. These vulnerabilities can be exploited if a user visits, or is redirected to, a specially crafted web page.  One of these is actively exploited in the wild.
More info.


Advantech

New

Advantech WISE-PaaS/RMM contains multiple vulnerabilities, including Path Traversal, Missing Authorization, Improper Restriction of XML External Entity Reference, and SQL Injection. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, and compromise system availability.  Note these products are EOL.
More info.


Dell

Patch

Dell has published security updates for EMC Avamar and NetWorker that correct multiple third-party component vulnerabilities.
More info.


Hitachi

New

Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center.
More info.

Multiple vulnerabilities have been identified in Cosminexus.
More info.


SonicWall

Patch

SonicWall physical firewall appliances running certain versions of SonicOS contain vulnerabilities in code utilized for remote management.
More info.


Linux

Patch

SUSE has updated the kernel and samba.  More info.
RedHat Linux has updated php and others.  More info.
CentOS has updated firefox, thunderbird, and sudo.  More info.
Oracle Linux has updated php.  More info.
Debian has updated libarchive and one other.  More info.
Scientific Linux has updated php.  More info.



Thursday 31 October 2019

Apple

Patch

Apple has published additional bulletins for iTunes and iCloud.
More info.


MicroFocus

Patch

A vulnerability has been identified in AccuRev for LDAP Integration. If the AccuRev server and the AccuRev for LDAP Integration version 2017.1 are installed on a Linux or Solaris system, anyone who knows a valid AccuRev username can use the AccuRev client to log in and gain access to AccuRev source control without knowing the user's password.  CVSSv3 score of 9.1.
More info.


Xen

Patch

Xen has published six new bulletins; most of the vulnerabilities require guest access to exploit.
More info.


NetApp

New

NetApp has published six new bulletins for vulnerabilities in third party software in their products.  No patches.
More info.


Linux

Patch

SUSE has updated the kernel, samba, php, firefox, and others.  More info.
RedHat Linux has updated firefox, sudo, and others.  More info.
Amazon Linux has updated openssh and python.  More info.
Amazon Linux 2 has updated http, mod_http, and sssd.  More info.



Wednesday 30 October 2019

Apple

Patch

Apple has published the details for the security updates for Safari, two versions of iOS, iPadOS and tvOS.  Also, an update for watchOS and macOS has been published.  Several vulnerabilities allow remote code execution.
More info.  And here.


BlackBerry

Patch

BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones.
More info.


Huawei

Patch

There are two heap buffer overflow vulnerabilities in Broadcom WiFi chipset drivers. A remote, unauthenticated attacker may send specially-crafted WiFi packets to exploit these vulnerabilities.
More info.

There is an improper authentication vulnerability in some Huawei smartphones. Successful exploitation may cause the attacker to access specific components.
More info.


Linux

Patch

SUSE has updated python, samba, php, and others.  More info.
RedHat Linux has updated samba and others.  More info.
Oracle Linux has updated thunderbird.  More info.
Ubuntu has updated libarchive, samba, and others.  More info.
Mageia has updated php, the kernel, and others.  More info.
Scientific Linux has updated thunderbird.  More info.



Tuesday 29 October 2019

MikroTik

Patch

RouterOS DNS implementation is vulnerable to unauthenticated remote DNS cache poisoning via Winbox. The router is impacted even when DNS is not enabled.
More info.

The upgrade system used by RouterOS is vulnerable to man-in-the-middle attacks and insufficient package validation. An attacker can abuse these vulnerabilities to downgrade a router's installed RouterOS version, possibly lock the user out of the system, or possibly disable the system.
More info.


Apple

Patch

Apple has published security updates for Safari, two versions of iOS, iPadOS and tvOS.  No details of the vulnerabilities are listed at the moment.
More info.


TrendMicro

Patch

Trend Micro has released Critical Patches for Trend Micro OfficeScan 11.0 SP1 and XG which resolve an arbitrary file upload with directory traversal vulnerability. 
More info.

Trend Micro has released a Critical Patch for Trend Micro Apex One (on-premise) which resolves an arbitrary file upload with command injection vulnerability. 
More info.

Trend Micro has released Patches and Critical Patches (CPs) for Trend Micro Commercial Endpoint Protection products - Apex One, OfficeScan, and Worry-Free Business Security - which resolve a root login bypass with directory traversal vulnerability. 
More info.


F5

New

A vulnerability in tcpdump used in F5 products could allow an attacker to gain access to sensitive information and also cause a denial of service (DoS).
More info.


Samba

Patch

A malicious server can craft a pathname containing separators and return it to client code, causing the client to use it to access local pathnames for reading or writing instead of SMB network pathnames.
More info.


eIDAS-Node

Patch

Critical vulnerabilities exist in the eIDAS-Node software component (EU cross-border authentication). These vulnerabilities could allow an attacker to impersonate any EU citizen.
More info.


Linux

Patch

SUSE has updated python and others.  More info.
RedHat Linux has updated chromium, thunderbird, and sudo.  More info.
Debian has updated php.  More info.
Ubuntu has updated php.  More info.



Monday 28 October 2019

PHP

Patch

Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for arbitrary code execution.
More info.


Phoenix Contact

New

If MAC-based port security or 802.1x port security is enabled, the FL NAT 2xxx will unintentionally grant access to unauthorized devices in case of routed transmission.  CVSSv3 score of 8.1.
More info.


IBM

Patch

IBM Security Guardium contains multiple vulnerabilities, including cleartext transmission of sensitive info, information exposure, hardcoded credentials, and improper authorization.
More info.


Linux

Patch

OpenSUSE has updated python, the kernel, and others.  More info.
Arch Linux has updated chromium, firefox, and thunderbird.  More info.
Debian has updated firefox, golang, and file.  More info.
Amazon Linux has updated exim, httpd, and patch.  More info.



Friday 25 October 2019

Philips

New

Philips has become aware that for Versions K and prior of the Philips IntelliSpace Perinatal system, a potential vulnerability may allow an unauthorized user access to system resources. This could impact confidentiality and integrity of the system and application. To exploit this issue, an attacker would require physical access to a locked application screen, or a remote desktop session host application.
More info.


Rittal

Patch

Rittal Chiller SK 3232-Series contains two authentication vulnerabilities. The authentication mechanism on affected systems is configured using hard-coded credentials, and does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.  CVSS of 9.1.
More info.


IBM

Patch

The IBM Security Access Manager product is vulnerable to the Slowloris denial-of-service attack, which allows an unauthenticated attacker to cause a denial of service in the reverse proxy component.
More info.


ABB

Patch

ABB has published four security bulletins for Relion 650 and 670 series, covering OpenSSL, a Terminal Reboot vulnerability that allows DoS, and an MMS Path Traversal vulnerability.
More info.

An attacker who successfully exploited the MMS Path Traversal vulnerability could retrieve any file on the device’s flash drive without authentication on the device or make the product inoperative by deleting files from the device’s flash drive.  CVSSv3 score of 10.
More info.


VMware

Patch

A malicious actor with man-in-the-middle positioning between vCenter Server Appliance and a backup target may be able to intercept sensitive data in transit during File-Based Backup and Restore operations.
More info.


Linux

Patch

SUSE has updated xen and others.  More info.
Arch Linux has updated php.  More info.
Gentoo Linux has updated php.  More info.
Scientific Linux has updated sudo.  More info.
Amazon Linux 2 has updated curl.  More info.



Thursday 24 October 2019

CODESYS

Patch

A specific crafted request may cause a stack-based buffer overflow and could therefore execute arbitrary code on the CODESYS ENI server or lead to a denial-of-service condition due to a crash in the CODESYS ENI server.
More info.


Dell

Patch

Dell has released a security update for third-party software supportutils in the EMC Unity Family and EMC Unity XT Family.
More info.


Avaya

Patch

Avaya has published security updates addressing vulnerabilities in the underlying OS (RedHat).
More info.


NetApp

Patch

NetApp has published five security bulletins addressing vulnerabilities in third-party software used in their products, with no patches.  One bulletin has been published addressing an l2ping DoS vulnerability that has been patched.
More info.


Thunderbird

Patch

Multiple vulnerabilities have been fixed in Thunderbird.
More info.


Linux

Patch

SUSE has updated the kernel.  More info.
RedHat has updated firefox and sudo.  More info.
Oracle Linux has updated firefox.  More info.
Ubuntu has updated firefox.  More info.
Mageia has updated openjdk, chromium, and others.  More info.
Scientific Linux has updated firefox and openafs.  More info.



Wednesday 23 October 2019

Firefox

Patch

Multiple vulnerabilities have been fixed in Firefox and Firefox ESR, the most serious of which could allow RCE.
More info.  And here.


Chrome

Patch

Google has updated Chrome for the Desktop, with 37 security fixes.
More info.


IBM

Patch

IBM Security Proventia Network Active Bypass has addressed the vulnerabilities in OpenSSL and glibc.
More info.  And here.  And here.


Dell

Patch

Dell has published a security update for EMC Data Computing Appliance (DCA) to update multiple third-party components.
More info.


Huawei

Patch

There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products.
More info.


Linux

Patch

SUSE has updated python, the kernel, and others.  More info.
OpenSUSE has updated gcc.  More info.
Arch Linux has updated pacman.  More info.
RedHat has updated firefox and the kernel.  More info.
CentOS has updated openjdk and patch.  More info.
Ubuntu has updated the kernel.  More info.
Scientific Linux has updated openjdk.  More info.



Tuesday 22 October 2019

F5

New

Traffix SDC is vulnerable to a DoS in the linux kernel.
More info.


Linux

Patch

SUSE has updated dhcp and procps.  More info.
RedHat has updated python, wget, and the kernel.  More info.
CentOS has updated the kernel.  More info.
Oracle Linux has updated openjdk.  More info.
Debian has updated openjdk and tcpdump.  More info.
Ubuntu has updated the kernel, uw-imap, and exiv2.  More info.
Alpine Linux has published a new release with several security fixes.  More info.



Monday 21 October 2019

Citrix

Patch

A vulnerability has been identified in the management interface of Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, that, if exploited, could allow an attacker with access to the management interface to gain administrative access to the appliance.
More info.


Novell

Patch

The latest release of Self Service Password Reset (SSPR) includes a fix for a security vulnerability. The Rest Server Certificate was not being validated.
More info.


Fortinet

Patch

Multiple information exposure vulnerabilities in FortiOS may allow an unauthenticated attacker to perform some information gathering via parsing the HTTP headers, web portal certificate, and error messages. The exposed information includes the FortiGate's model, serial number and internal IP address.
More info.


Linux

Patch

RealTek Wireless drivers can be exploited by a malicious attacker within wi-fi range to allow DoS or possibly RCE.  No patches yet, expect them to start rolling out.
More info.

SUSE has updated the kernel, python, sudo, and others.  More info.
OpenSUSE has updated dhcp, tcpdump, libpcap, and lighttpd.  More info.
Arch Linux has updated go.  More info.
RedHat has updated java.  More info.
Debian has updated openjdk and one other.  More info.
Scientific Linux has updated openjdk and the kernel.  More info.



Friday 18 October 2019

ABB

Patch

ABB is aware of public reports of a vulnerability in UNO-DM. An unauthenticated attacker who successfully exploited this vulnerability could obtain access to some product information (nameplate, current connected IP, log).
More info.


Xerox

Patch

Xerox has published multiple bulletins for their printer products over the last week, most updates for the Urgent/11 VxWorks vulnerabilities.  Worth a look if you manage Xerox printers.
More info.


Dell

Patch

RSA Authentication Manager software contains an XML Entity Injection vulnerability associated with token distribution.
More info.

Multiple components within RSA Authentication Manager require a security update to address various vulnerabilities.   (This was rated Critical).
More info.


NetApp

New

NetApp has published six new bulletins documenting vulnerabilities in third-party software used in their products.
More info.


Linux

Patch

SUSE has updated the kernel and postgresql.  More info.
Scientific Linux has updated java.  More info.



Thursday 17 October 2019

VPNs

Exploit

Originally reported in April, apparently there are enough still-vulnerable VPN appliances and client installs that the NSA, CERT, and other agencies are publishing bulletins urging companies to update.  The vendors identified are Pulse Secure, Palo Alto, and Fortinet.
If you have a VPN system, check it and update it if needed.  Be a good netizen!
More info.  And here.  And here.


BIND

Patch

An error in the validity checks for incoming Mirror Zone data can allow an on-path attacker to replace mirror zone data that was validated with a configured trust anchor with forged data of the attacker's choosing.
More info.

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query.
More info.


Eaton

Patch

Eaton is aware of a potential vulnerability in the CGLine+ Web Controller when connected to the supervision software CGVision.  No further information is available.
More info.


TrendMicro

Patch

Trend Micro has released updates for Deep Security that resolve StartTLS LDAP Confidentiality and Local Arbitrary File Overwrite vulnerabilities.
More info.


Cisco

Patch

Cisco has published 28 new bulletins, one rated Critical, five rated High, and the rest Medium.
More info.

A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected device.  CVSSv3 of 9.8.
More info.

A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the SSH process is not properly deleted when an SSH connection to the device is disconnected.
More info.

A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN packet processing functionality in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Generic Routing Encapsulation (GRE) frames that pass through the data plane of an affected AP.
More info.


Linux

Patch

SUSE has updated mariadb, gcc, and libreoffice.  More info.
RedHat has updated java and others.  More info.
Oracle Linux has updated the kernel and java.  More info.
Debian has updated unbound.  More info.
Arch Linux has updated xpdf.  More info.
Mageia has updated sudo, tcpdump, libpcap, the kernel, nmap, and others.  More info.
Scientific Linux has updated jss.  More info.



Wednesday 16 October 2019

Oracle

Patch

Oracle Quarterly Patches are out.  There are a total of 219 patched vulnerabilities across 23 product families, with 141 of them remotely exploitable.  CVSSv3 scores show 18 rated 9.0 or higher, and one rated 10.
The affected products are listed here, as number of vulnerabilities/number remotely exploitable:  10/2 patches for Database Server, 1/0 for NoSQL Database Server, 13/11 for Construction and Engineering, 10/10 for E-Business Suite, 7/5 for Enterprise Manager, 7/4 for Financial Services, 7/3 for Food and Beverage Applications, 37/31 for Fusion Middleware, 3/2 for GraalVM, 2/2 for Health Sciences Applications, 3/2 for Hospitality Applications, 3/0 for Hyperion Risk, 20/20 for Java SE, 1/1 for JD Edwards, 34/9 for MySQL, 13/10 for PeopleSoft, 4/4 for PeopleSoft, 12/9 for Retail Applications, 4/4 for Siebel CRM, 12/7 for Systems, 3/3 for Supply Chain, 2/2 for Support Tools, and 11/0 for Virtualization.
More info.


Adobe

Patch

Adobe has published updates for Acrobat and Reader, Download Manager, Experience Manager, and Experience Manager Forms.
More info.

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS.  Successful exploitation could lead to arbitrary code execution in the context of the current user.
More info.

Adobe has released security updates for Adobe Experience Manager (AEM).  Successful exploitation could result in unauthorized access to the AEM environment.
More info.


IBM

Patch

IBM Security Guardium is affected by known vulnerabilities in Bouncy Castle.
More info.


Gemalto

New

Thales/Gemalto Product Security Team has investigated recently reported vulnerabilities in Sentinel LDK License Manager when installed as a service.
More info.


Meinberg

Patch

Critical security vulnerabilities were detected in LANTIME firmware.  Updated firmware is available.
More info.


Apache

Patch

Apache Fineract has updated for one Critical and two Important vulnerabilities.  The Critical vulnerability exists in Spring Security upstream dependencies and allowed malicious users to trigger remote code execution.
More info.


CA

Patch

A vulnerability exists in CA Performance Management that can allow a remote attacker to execute arbitrary commands.  A malicious attacker may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the Performance Center server.
More info.


Linux

Patch

SUSE has updated tcpdump, libpcap, sudo, and others.  More info.
RedHat has updated the kernel.  More info.
Oracle Linux has updated the kernel and sudo.  More info.


  

Tuesday 15 October 2019

Aveva

Patch

The IEC870IP driver for Vijeo Citect and Citect SCADA has a buffer overflow that could cause a server-side crash.
More info.


F5

Patch

Traffix SDC contains a vulnerability in OpenLDAP.  Attackers may be able to obtain access to restricted resources.
More info.


Linux

Patch

SUSE has updated the kernel, dhcp, sudo, and others.  More info.
OpenSUSE has updated sudo.  More info.
Debian has updated sudo.  More info.
Ubuntu has updated sudo.  More info.
Amazon Linux has updated sudo.  More info.


  

Monday 14 October 2019

Sophos

Patch

A critical shell injection vulnerability in Sophos Cyberoam Firewall appliances running CyberoamOS (CROS) can be exploited by sending a malicious request to either the Web Admin or SSL VPN consoles, which would enable an unauthenticated remote attacker to execute arbitrary commands.
More info.


Linux

Patch

SUSE has updated the kernel and others.  More info.
OpenSUSE has updated chromium.  More info.
Oracle Linux has updated the kernel.  More info.


  

Friday 11 October 2019

Google

Patch

Google has updated the stable channel of Chrome with a version that fixes 8 security vulnerabilities.
More info.


Dell

Patch

Dell EMC Avamar contains remediation for an XML External Entity Injection vulnerability that may potentially be exploited by malicious users to compromise the affected system.  Note that the CVSS analysis lists Privilege Required as None.
More info.


Novell

Patch

The latest NetIQ version contains security updates for XSS, java deserialization, and weak encryption.
More info.


HP

Patch

HP has added HP PageWide printers to affected product list for a previous bulletin.
More info.


Hitachi

Patch

Hitachi has published updates for Global Link Manager, Cosminexus HTTP Server and Hitachi Web Server, and JP1 and IT Operations Director.
More info.


Linux

Patch

OpenSUSE has updated the kernel.  More info.
Arch Linux has updated chromium, sdl, and outbound.  More info.
Amazon Linux has updated golang, the kernel, and a few others.  More info.


  

Thursday 10 October 2019

Juniper

Patch

Juniper Quarterly Patches are out addressing vulnerabilities in JunOS and third-party software that could result in DoS, Information Disclosure, cleartext logging of authentication credentials, and MitM.
More info.


iTerm2

Patch

iTerm2 with tmux integration is vulnerable to remote command execution.
More info.


SolarWinds

Exploit

The SolarWinds Dameware Mini Remote Client agent supports smart card authentication by default, which allows a user to upload an executable to be executed on the host with the privileges of the Local System account.  An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable.  CVSSv3 score of 10.
More info.


Dräger

New

An unauthorized attacker who has the skills and the access to the hospital network could potentially cause the Infinity M300 device to reboot, lose alarm functionality, and/or lose communication with the Infinity Network.
More info.


Linux

Patch

Ubuntu has updated python.  More info.


  

Wednesday 9 October 2019

ICS

New

Sunny WebBox, an EOL product of SMA Solar Technology AG contains a CSRF vulnerability. No patch will be available due to the EOL status.
More info.

GE Mark VIe Controllers are affected by at least one of the following vulnerabilities.  Some versions are affected by both.  Improper Authorization: an unsecured Telnet protocol may allow a user to create an authenticated session using generic default credentials, and pre-configured hard-coded credentials may allow root-user access to the controller.  Recommendations include disabling Telnet and changing the passwords.
More info.

Beckhoff TwinCAT may be configured to use the Profinet driver.  In that case a denial of service of the controller could be reached by sending special packets to the device.
More info.


Cobham

New

Multiple vulnerabilities have been identified in the Cobham EXPLORER 710, a portable satellite terminal used to provide satellite telecommunications and internet access.  Most are local, but one reads:  The web application portal allows unauthenticated access to port 5454 on the device. This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention (AT) commands.  In other words, RCE.
More info.


NetApp

Patch

NetApp has published four new bulletins, two of which are for third-party software vulnerabilities, no patches yet.  The other two are NetApp vulnerabilities with patches.
More info.

Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks.
More info.


Linux

Patch

SUSE has updated the kernel, firefox, and others.  More info.
OpenSUSE has updated sqlite and others.  More info.
Ubuntu has updated thunderbird and others.  More info.


  

Tuesday 8 October 2019 - Part 2

Microsoft

Patch

Microsoft Monthly Patches are out with 59 vulnerabilities, 9 of which are rated Critical.  The October security release consists of security updates for Microsoft Windows, IE, Microsoft Edge, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, SQL Server Management Studio, Open Source Software, Microsoft Dynamics 365, and Windows Update Assistant.
More info.  And here.


Schneider Electric

Patch

Schneider Electric Monthly Patches include four new and three updated bulletins.  No patches for the new bulletins, but the updated bulletins report fixed software for previously identified vulnerabilities.
More info.

Schneider Electric is aware of several vulnerabilities in many of its Modicon brand of programmable logic controllers: DoS during upgrade and various information exposure vulnerabilities.  No patches.
More info.  And here.  And here.  And here.


  

Tuesday 8 October 2019

SAP

Patch

SAP Monthly Patches include seven new bulletins and one update.  Two are rated Hot News with CVSSv3 scores of 9.3 and 9.1, addressing missing authentication and information disclosure vulnerabilities.  One is rated High, the rest Medium.
More info.


Qualcomm

Patch

Qualcomm has published their monthly bulletin for QTI closed-source product and Code Aurora Forum open-source.  A total of 15 vulnerabilities, nine rated Critical, six rated High.  Six vulnerabilities have a Remote Access Vector, leading to buffer overflow, buffer over-read, authentication bypass, and DoS.
More info.


Siemens

Patch

Siemens Monthly Patches include five new bulletins and ten updated bulletins.  Note that the updated bulletins include additional CVEs or removal of CVEs from the fixed lists, new updates for products, or still no updates; be sure to take a look at those as well.
More info.

A vulnerability in SIMATIC WinAC RTX (F) 2010 controller software could allow an attacker to perform a denial-of-service attack if a large HTTP request is sent to the network port of the host where WinAC RTX is running.
More info.

A vulnerability in affected Profinet devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device.  Some updates, mostly remediation.
More info.

A vulnerability in affected Industrial Real-Time (IRT) products could allow an unauthorized attacker with network access to perform a denial-of-service attack resulting in loss of real-time synchronization.
More info.


Apple

Patch

Apple has published security updates for iTunes, iCloud, and macOS Catalina.
More info.

iTunes includes fixes for RCE and XSS in WebKit and UIFoundation.  Ditto iCloud.
More info.  And here.  And here.

macOS includes fixes for RCE, memory corruption, and race conditions.
More info.


Google

Patch

Google has published their Monthly Patches for Android.  There are nine vulnerabilities addressed, plus Qualcomm vulnerabilities.  Three are rated Critical, five are rated High.  RCE, Information Disclosure, and Elevation of Privilege vulnerabilities are addressed.
More info.

The Pixel Monthly bulletin is out, with one vulnerability rated High for Information Disclosure, plus Qualcomm vulnerabilities.
More info.


Linux

Patch

OpenSUSE has updated php, putty, dovecot, and others.  More info.
RedHat has updated python, wget, bind, the kernel, and others.  More info.
Mageia has updated firefox.  More info.


  

Monday 7 October 2019

Android

Exploit

Project Zero is reporting a vulnerability originally patched by Google in Dec 2017 still unpatched in several handsets, including Pixel 2, Samsung S7/S8/S9 and others.  There are reports this is exploited in the wild.
More info.


IBM

Patch

IBM QRadar Network Security has been patched for openssh, openssl, and linux vulnerabilities.
More info.  And here.  And here.


Avaya

Patch

Avaya has published an update for Media Server that fixes several vulnerabilities in the underlying RedHat OS, as well as forcing customer account password change on initial login, which is a Good Thing for security.
More info.


Linux

Patch

SUSE has updated java, bind, openssl, nginx, and others.  More info.
OpenSUSE has updated thunderbird, firefox, openssl, bind, php, nginx, and others.  More info.
Debian has updated jackson-databind.  More info.


  

Friday 4 October 2019

HP

Patch

A potential security vulnerability has been identified with Samsung Laser Printers. This vulnerability could potentially be exploited to create a denial of service.  CVSSv3 score of 7.5
More info.


NetApp

New

NetApp has published six new bulletins for third-party software in their products.  One has a CVSSv3 score of 9.8.  No patches yet.
More info.


Linux

Patch

SUSE has updated java, bind, openssl, nginx, and others.  More info.
OpenSUSE has updated thunderbird, firefox, openssl, bind, php, nginx, and others.  More info.
Mageia has updated thunderbird.  More info.
Amazon Linux has updated nss, thunderbird, libssh, nginx, mysql, nghttp2, and others.  More info.  Note there is now an Amazon Linux 2 page with a separate update list; know which one you have.


  

Thursday 3 October 2019

Shibboleth

Patch

The Shibboleth Identity Provider supports a number of login flows that rely on servlets or JSP pages to operate, including External, RemoteUser, X509, and SPNEGO. These flows are vulnerable to a denial of service attack by a remote, unauthenticated attacker, via Java heap exhaustion due to the creation of objects in the Java Servlet container session.
More info.


QNAP

Patch

A reported vulnerability in QNAP NAS may affect Music Station. If exploited, the vulnerability may allow an attacker to inject arbitrary code into the system.
More info.

A reported OpenSSL vulnerability may affect QNAP NAS devices. If exploited, the vulnerability may allow attackers to run arbitrary code on the NAS.
More info.


Tcpdump

Patch

Tcpdump has published a new version with a large number of vulnerabilities addressed.  No further details in the notice, just a link to the list of CVEs.
More info.


Cisco

Patch

Cisco has published 33 new bulletins, 13 rated High and the rest Medium.
More info.

A vulnerability in the SIP inspection module of Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could send a malicious SIP packet and trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash.
More info.

A vulnerability in IKEv1 of Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a DoS condition.  The vulnerability is due to improper management of system memory.  An attacker could send malicious IKEv1 traffic to an affected device to exhaust system memory resources, leading to a reload of the device.  Valid credentials to authenticate the VPN session are not needed, nor is a particular source address.
More info.

A vulnerability in the FTP inspection engine of Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
More info.


Linux

Patch

SUSE has updated dovecot, thunderbird, and others.  More info.
CentOS has updated the kernel.  More info.


  

Wednesday 2 October 2019

Interpeak

New

The Interpeak IPnet stack vulnerabilities were first reported as Urgent/11, affecting Wind River VxWorks.  These vulnerabilities have expanded beyond the affected VxWorks systems and affect additional real-time operating systems (RTOS), including ENEA, Green Hills Software, ITRON, IP Infusion, and Wind River.  Again, this flows to all the devices that use these RTOS versions with the Interpeak IPnet stack.
More info.

Bulletins are mixed with the VxWorks bulletins, but CISA is reporting bulletins from BD, Drager, GE Healthcare, Philips Healthcare, and Spacelab.  See the CISA bulletin linked above.


IBM

Patch

Multiple security vulnerabilities have been fixed and delivered in IBM Security Directory Server, including XSS, XML manipulation, brute force attack, and others.
More info.


Moxa

Patch

Two product vulnerabilities were identified in Moxa’s EDR-810 Series secure routers.  Improper input on the web console via the Admin or ConfigAdmin account allows unauthorized commands to be performed on the router, and the log information may be retrieved by an unauthenticated attacker, which may allow sensitive information to be disclosed.
More info.

One product vulnerability was identified in Moxa’s EDR-810 Series Secure Routers: multiple functions in the web server allow users to execute arbitrary code.
More info.


PaloAlto

Patch

Eleven security bulletins have been published for Zingbox Inspector, including hardcoded SSH credentials, storage of plaintext credentials, ARP spoofing, software update tampering, and RCE.
More info.


Linux

Patch

SUSE has updated openssl, bind, and others.  More info.
OpenSUSE has updated chromium, nghttp2, and u-boot.  More info.
Arch Linux has updated ruby, systemd, and exim.  More info.
RedHat has updated nodejs.  More info.
Oracle Linux has updated the kernel.  More info.
Debian has updated openssl.  More info.
Ubuntu has updated clamav.  More info.


  

Tuesday 1 October 2019

HPE

Patch

Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data.  CVSSv3 score of 9.6.
More info.

A potential security vulnerability has been identified in HPE SimpliVity 380 and 2600, SimpliVity OmniCube, OmniStack for Cisco, Lenovo, and Dell.  The deprecated Set_Axeda() and Set_Rda() APIs accept a path to a file and can be used to touch or delete arbitrary files on the nodes as root.  These APIs do not require user authentication and are accessible over the management network, resulting in remote availability and integrity vulnerabilities.  CVSSv3 score of 9.1.
More info.


CA

Patch

A vulnerability exists in CA Network Flow Analysis that can allow a remote attacker to execute arbitrary commands.
More info.


Foxit

Patch

Multiple RCE vulnerabilities have been identified in PhantomPDF.
More info.


Linux

Patch

RedHat has updated apache in JBoss and kpatch.  More info.
Oracle Linux has updated nodejs.  More info.
Ubuntu has updated the kernel and others.  More info.


  

Monday 30 September 2019

PHP

Patch

A vulnerability has been discovered in PHP, which could allow an attacker to execute arbitrary code. PHP is prone to a heap-based buffer-overflow vulnerability because the 'mb_eregi()' function fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
More info.


Exim

Patch

There is a heap-based buffer overflow in string_vformat. The currently known exploit uses an extraordinary long EHLO string to crash the Exim process that is receiving the message.
More info.


Moxa

Patch

Improper input on the web console via the Admin or ConfigAdmin account allows unauthorized commands to be performed on the router, and log information may be retrieved by an unauthenticated attacker, which may allow sensitive information to be disclosed.
More info.


IBM

Patch

IBM Sterling File Gateway could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.  Also, IBM Sterling B2B Integrator Standard Edition displays sensitive information in HTTP requests which could be used in further attacks against the system.
More info.


HP

Patch

A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
More info.


PuTTY

Patch

PuTTY has published an update with two security fixes, including one that allows other applications to bind to the same TCP port as a PuTTY local port forwarding.
More info.


Linux

Patch

SUSE has updated gpg2.  More info.
OpenSUSE has updated phpmyadmin, expat, and others.  More info.
RedHat has updated nodejs.  More info.
CentOS has updated dovecot, openjdk, the kernel, and others.  More info.
Debian has updated exim, wpa, and others.  More info.
Ubuntu has updated exim.  More info.
Mageia has updated chromium, nghttp2, and others.  More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours.  It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2019