Vulnerability Details
The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately an issue is detected and it will drop again by one level each working day.
Our rationale for this agility is that vulnerabilities often occur in clusters, therefore reducing the alert state again quickly, will increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable, very few local server exploits will be shown.
Friday 01 December 2023
VMware

Patch
VMware Cloud Director Appliance contains an authentication bypass vulnerability in the case where VMware Cloud Director Appliance was upgraded to 10.5 from an older version. CVSSv3 score of 9.8
More info.
PTC

Patch
Yokogawa

Patch
Apple

Exploit
IBM

Patch
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. Highest CVSSv3 score of 9.8
More info.
NetApp

New
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8
Only one has patches.
More info.
Linux

Patch
Thursday 30 November 2023
Tenable

Patch
Nessus Network Monitor has been updated to correct vulnerabilities in third-party software including HandlebarsJS, OpenSSL, and jquery-file-upload. Highest CVSSv3 score of 9.8
More info.
Medtronic

New
Mainspring Data Express and Vital Sync Virtual Patient Monitoring Platform use Mirth Connect in certain situations, which allows a remote attacker to execute arbitrary code. CVSSv3 score of 9.8
Manual upgrade instructions for the Mirth Connect component, no Medtronic patches have been released.
More info.
Microsoft

Exploit
Edge has been updated with one chromium fix that is being exploited in the wild.
More info.
Zyxel

Patch
Zyxel NAS devices contain several vulnerabilities that allow a remote attacker to execute OS commands or obtain system information.
More info.
Wednesday 29 November 2023
Delta
Electronics

Patch
InfraSuite Device Master contains several vulnerabilities, including Path Traversal, Deserialization of Untrusted Data, and Exposed Dangerous Method or Function. Successful exploitation could allow a remote attacker to remotely execute arbitrary code and obtain plaintext credentials. Highest CVSSv3 score of 9.8
More info.

Patch
Sierra
Wireless

Patch
Sierra Wireless has updated ALEOS, an OS in AirLink Routers, to fix eight security vulnerabilities. Highest CVSSv3 score of 8.3
More info.
IBM

Patch
A vulnerability in Apache Avro Java SDK affects IBM InfoSphere Information Server. CVSSv3 score of 9.8
More info.
IBM Maximo Application Suite - Monitor Component uses systeminformation which contains a vulnerability. CVSSv3 score of 9.8
More info.
IBM Sterling B2B Integrator uses Spring Framework, which is affected by multiple vulnerabilies. Highest CVSSv3 score of 9.1
More info.
Dell

Patch
Tuesday 28 November 2023
Zyxel

Patch
Zyxel Firewall and AP products contain several vulnerabilities, one of which could be exploited by a remote attacker to trigger a DoS. CVSSv3 score of 7.5
More info.
Festo

Patch
Festo products use WIBU CodeMeter Runtime. A remote attacker exploiting the vulnerability in WIBU CodeMeter Runtime in server mode could gain full access to the affected server. CVSSv3 score of 9.8
All products but Automation Suite have fixes.
More info.
F5

New
BIG-IP, F5OS, and Traffix SDC use APR-util that could allow a remote attacker to overwrite memory beyond the intended buffer. Highest CVSSv3 score of 6.5
Only patches for F5OS so far.
More info.
NETGEAR

Patch
A sensitive information disclosure security vulnerability exists in Prosafe NMS300. CVSSv3 score of 9.8
More info.
Hitachi
Energy

Patch
Hitachi Energy's OSS component Cyrus SASL contains a vulnerability that affects the SDM600 product. A remote attacker could cause a DoS. CVSSv3 score of 7.5
More info.
Hitachi Energy's Web server and HCI IEC 60870-5-104 component contain vulnerabilities that affects RTU500. A remote attacker could perform cross-site scripting on web server or a DoS. Highest CVSSv3 score of 6.0
More info.
Xerox

Patch
Xerox has published an update for FreeFlow Print Server that includes Microsoft, Java, Firefox, and Apache security fixes.
More info.
Apache

Patch
Tomcat contains a request smuggling vulnerability that could cause Tomcat to treat a single request as multiple requests. CVSSv3 score of 5.3
More info.
Linux

Patch
Red Hat has updated the kernel. More info.
Monday 27 November 2023
HPE

Patch
Vulnerabilities in curl have been addressed in OSS Network Utilities (T1204). Highest CVSSv3 score of 9.8
More info.
Arcserve

Patch
Control iD

0-Day
An authentication bypass vulnerability exists in Control iD iDSecure that allows a remote attacker to compute valid credentials that can be used to bypass authentication and act as an administrative user. CVSSv3 score of 9.8
More info.
Friday 24 November 2023
Philips

New
IntelliSpace PACS 2 and Universal Data Manager are affected by a BIG-IP Configuration utility unauthenticated remote code execution vulnerability. CVSSv3 score of 9.8
No patches yet.
More info.
Hikvision

Patch
Hikvision products have been affected by an authentication bypass vulnerability in the Hik-Connect Module, which could allow remote attackers to consume services by sending crafted messages to the affected devices. CVSSv3 score of 8.2
More info.
Security vulnerabilities exist in Hikvision Web Browser Plug-in LocalServiceComponents that allow a remote attacker to execute arbitrary code, download malicious files, and cause process exception. Highest CVSSv3 score of 9.1
More info.
NetApp

New
NetApp has published 10 bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 7.5
Only 2 have patches.
More info.
Linux

Patch
Debian has updated the microcode. More info.
Wednesday 22 November 2023
Atlassian

Patch
Updates for Atlassian products include 26 vulnerabilities rated High by Atlassian. Products include Jira Software Data Center and Server, Crowd Data Center and Server, Confluence Data Center and Server, Bitbucket Data Center and Server, and Bamboo Data Center and Server. Highest CVSSv3 score of 8.5
More info.
ownCloud

Patch
Dell

Patch
Linux

Patch
Tuesday 21 November 2023
Sophos

Exploit
Sophos Web Appliance has been updated to fix several vulnerabilities that could allow a remote attacker to execute arbitrary code. Highest CVSSv3 score of 9.8
Exploits have been seen in the wild.
More info.
Synology

Patch
Synology Router Manager contains vulnerabilities that allow a MitM attacker to execute arbitrary code and access intranet resources.
More info.
Phoenix
Contact

Patch
Mozilla

Patch
Mozilla has published bulletins rated High for Firefox, Firefox ESR, Firefox for iOS, and Thunderbird.
More info.
WithSecure

Patch
A DoS vulnerability was discovered in WithSecure products that allows a remote attacker to trigger an issue where fuzzed file takes longer to scan, which eventually may cause the scanner to hang.
More info.
Linux

Patch
Monday 20 November 2023
IBM

Patch
QRadar Suite Software includes components with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.
IBM Storage Protect for Virtual Environments is vulnerable to arbitrary code execution, sensitive information disclosure, and DoS due to third-party software. Highest CVSSv3 score of 9.8
More info.
Watson Machine Learning Accelerator on Cloud Pak for Data is affected by multiple vulnerabilities in Grafana. Highest CVSSv3 score of 9.8
More info.
HPE

Patch
A Security vulnerability has been identified in HP-UX OpenSSL. This vulnerability may cause local and remote DoS. CVSSv3 score of 7.5
More info.
Synology

Patch
Synology Camera TC500 and BC 500 contains vulnerabilities that allow a remote attacker to execute arbitrary code and bypass security constraints.
More info.
strongSwan

Patch
A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution.
More info.
Tenable

Patch
Security Center has been updated to fix vulnerabilities in third-party software. Highest CVSSv3 score of 8.8
More info.
ALERT DEFINITIONS
PRODUCT

GUARDED
This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.
PRODUCT

INCREASED
This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.
PRODUCT

HIGH
This alert state indicates a more serious vulnerability which is exploitable.
PRODUCT

CRITICAL
This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.

NEW
NEW
This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.

+24hrs
+24hrs
This bottom descriptor is used with Indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.

Patch
PATCH
This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported. It could be paired with Increased or High, and on rare occasions Critical.

Exploit
EXPLOIT
This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported. It could be paired with High or Critical.

ZERO
ZERO DAY
This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known. It could be paired with High or Critical.