Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur as soon as an issue is detected, and the state will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Wednesday 17 August 2022


Google

Patch

Google has published a security update for Chrome for Desktop that addresses 11 security vulnerabilities, at least 1 rated Critical and 1 being currently exploited.
More info.

Microsoft is aware and working to update Edge. More info.


LS Electric

New

LS Electric LS ELEC PLC and XG5000 contain an Inadequate Encryption Strength for passwords vulnerability. Successful exploitation of this vulnerability could allow a remote attacker to decrypt credentials and gain full access to the affected PLC. CVSSv3 score of 6.5
More info.


Softing

Patch

Softing Secure Integration Server contains several vulnerabilities that can be exploited by a remote attacker to cause a DoS. CVSSv3 score of 7.5
More info. And here.

Several Softing products ship with the default administrator credentials. Upon installation or upon first login, the application does not ask the user to change the `admin` password. On top of this, there is no warning or prompt to ask the user to change the default password, and in order to change the password, many steps are required. CVSSv3 score of 9.8
More info.


Splunk

Patch

Splunk Quarterly Patches are out, with 3 bulletins, 1 rated High, 1 Medium, and 1 Low. Highest CVSSv3 score of 7.4
More info.


B&R Automation

Patch

B&R Industrial Automation Automation Studio 4 contains an Unrestricted Upload of File with Dangerous Type vulnerability. A remote attacker may use spoofing techniques to connect B&R Automation Studio to an attacker-controlled device with manipulated project files. This may result in RCE, information disclosure, and DoS of the system running B&R Automation Studio. CVSSv3 score of 8.3
More info.


WAGO

Patch

Several WAGO products include CODESYS versions with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.


Sequi

New

Sequi PortBloque S contains Improper Authentication and Improper Authorization vulnerabilities. Successful exploitation of these vulnerabilities could result in unauthorized changes to device configuration, to include adding new users or changing existing passwords for persistent access to the device. Highest CVSSv3 score of 9.9
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.


  

Tuesday 16 August 2022


TRUMPF

Patch

A number of TRUMPF software tools use the OPC UA Server, which contains several vulnerabilities that would allow a remote attacker to send malicious data to the application, resulting in a DoS. CVSSv3 score of 7.5
More info.


IBM

Patch

Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with Cloud Pak System. Highest CVSSv3 score of 9.8
More info.

A vulnerability in Apache Commons Configuration affects IBM SPSS Modeler. CVSSv3 score of 9.8
More info.


Lenovo

Patch

Lenovo (IBM) Storage products are affected by a vulnerability in the challenge/response authentication mechanism used for remote support which, under specific conditions, may allow unauthorized access as credentials can be reused on the product's management GUI. CVSSv3 score of 5.6
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Red Hat has updated the kernel and kpatch. More info.
CentOS has updated the kernel and microcode_ctl. More info.


  

Monday 15 August 2022


IBM

Patch

Multiple vulnerabilities in jackson-databind shipped with IBM Cloud Pak System. Highest CVSSv3 score of 9.8
More info.

IBM Sterling Connect:Direct File Agent is vulnerable to remote code execution due to Apache Commons Configuration. CVSSv3 score of 9.8
More info.

Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes. Highest CVSSv3 score of 9.8
More info.

Automation Assets in IBM Cloud Pak for Integration is vulnerable to remote code execution due to ejs. CVSSv3 score of 9.8
More info.

IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go, libxml2, curl, expat, libgcrypt and IBM WebSphere Application Server Liberty. Highest CVSSv3 score of 9.8
More info.


NetApp

New

NetApp has published 6 new bulletins identifying vulnerabilities in third-party software included in their products.  No patches yet.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.


  

Friday 12 August 2022


Cisco

Patch

A vulnerability in the handling of RSA keys on devices running Cisco ASA and FTD Software could allow a remote attacker to retrieve an RSA private key. CVSSv3 score of 7.4
More info.

A vulnerability in the Clientless SSL VPN (WebVPN) component of Cisco ASA Software could allow a remote attacker to conduct browser-based attacks. CVSSv3 score of 4.3
More info.


Keysight

Patch

A path traversal vulnerability exists in the Keysight Sensor Management Server. This allows a remote attacker to upload arbitrary files to the SMS host. CVSSv3 score of 9.8
More info.


  

Thursday 11 August 2022


Palo Alto Networks

Patch

A PAN-OS URL filtering policy misconfiguration could allow a remote attacker to conduct reflected and amplified TCP DoS attacks. The DoS attack would appear to originate from a Palo Alto Networks firewall against an attacker-specified target. CVSSv3 score of 8.6
More info.


Dell

Patch

Dell Enterprise Hybrid Cloud patches are available for multiple security vulnerabilities in third-party software (primarily VMware) that may be exploited by remote attackers to compromise the affected system.  Dell rates this Critical.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Scientific Linux has updated the kernel. More info.


  

Wednesday 10 August 2022


Microsoft

Patch

Microsoft Monthly Patches are out, with patches for 141 vulnerabilities, 17 rated Critical, 2 previously disclosed, and 1 being exploited.  Highest CVSSv3 score of 9.8
More info. And here. And here.

A wormable RCE vulnerability exists in Windows PPP. A remote attacker could send a specially crafted connection request to a RAS server, which could lead to RCE on the RAS server machine. CVSSv3 score of 9.8.
More info.


Adobe

Patch

Adobe Monthly Patches are published, with 5 new bulletins for Commerce, Acrobat and Reader, Illustrator, FrameMaker, and Premiere Elements. Highest CVSSv3 score of 9.1
More info.

Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical, important and moderate vulnerabilities.  Successful exploitation could lead to arbitrary code execution, privilege escalation and security feature bypass. Highest CVSSv3 score of 9.1
More info.


VMware

Patch

VMware vRealize Operations contains an authentication bypass vulnerability. A remote attacker may be able to create a user with administrative privileges. CVSSv3 score of 5.6
Note there are other vulnerabilities that require privileges in this bulletin.
More info.


Hitachi

Patch

Several vulnerabilities exist in third-party software included in Command Suite, Automation Director,  Configuration Manager, Infrastructure Analytics Advisor and Ops Center. Highest CVSSv3 score of 9.8
More info.


Zoom

Patch

Zoom On-Premise Meeting Connector Zone Controller fails to properly parse STUN error codes, which can result in memory corruption or arbitrary code execution. CVSSv3 score of 7.5
More info.

The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including the potential for RCE. CVSSv3 score of 9.7
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.


  

Tuesday 09 August 2022


Siemens

Patch

Siemens Monthly Patches are out, with 4 new bulletins and 38 updated bulletins.  Of the new bulletins, highest CVSSv3 score of 9.1
More info.

SCALANCE devices contain multiple vulnerabilities in MSPS based product lines that could allow remote attackers to create a DoS. Highest CVSSv3 score of 9.1
More info.

Teamcenter is affected by two security vulnerabilities in the File Service Cache service that could lead to command injection and DoS. Highest CVSSv3 score of 7.6
More info.

Simcenter STAR-CCM+ contains an information disclosure vulnerability when using the Power-on-Demand public license server. An attacker could access a system's host, user, and display name. CVSSv3 score of 5.3
More info.

A vulnerability was identified in the web server module used in the SICAM A8000 CP-8000, CP-8021 and CP-8022 devices' protocol firmwares that could allow unauthenticated access to the web interface of the affected web server module. This module is off by default.  CVSSv3 score of 4.3
More info.


Schneider Electric

Patch

Schneider Electric Monthly Patches are published, with 4 new bulletins and 7 updated bulletins. Of the new bulletins, highest CVSSv3 score of 9.8
More info.

Schneider Electric is aware of a Weak Password Recovery Mechanism for Forgotten Password vulnerability in its EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M580 and M340 control products. A remote attacker  could achieve unauthorized access in read and write mode to the controller when communicating over Modbus. CVSSv3 score of 9.8
More info.

DoS and Information Exposure vulnerabilities exist in Modicon PAC Controllers when using Modbus TCP. CVSSv3 score of 7.5
More info. And here.


SAP

Patch

SAP has released 5 new Security Notes and 2 updated Notes in their Monthly Patch Day. Highest CVSSv3 score in the new Notes is 8.2, but one of the updated Notes has a score of 10.
More info.


AUMA

Patch

The SIMA2 Master Station includes an outdated version of ntpd which is affected by a large number of vulnerabilities, dating back to 2016. Highest CVSSv3 score of 9.8
More info.


Exim

Patch

Multiple vulnerabilities have been discovered in Exim, the most severe of which could allow for RCE. Successful exploitation of the most severe of these vulnerabilities will enable the attacker to perform command execution as root in the context of the mail server.
More info.


SICK

New

SICK SIM products include OpenSSL which has a DoS vulnerability from March.  CVSSv3 score of 7.5. Updates are planned, but not available.
More info.


NetApp

Patch

StorageGRID is susceptible to a vulnerability in the Linux kernel that could allow a remote attacker to view limited metrics information and modify alert email recipients and content. CVSSv3 score of 7.3
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Alpine Linux has put out a new release. More info.


  

Monday 08 August 2022


Microsoft

Patch

Microsoft has updated Edge with the latest chromium security updates.
More info.


Linux

Patch

Mageia has updated the kernel. More info.


  

Friday 05 August 2022


Digi

New

Digi International ConnectPort X2D Gateway contains a vulnerability that allows an attacker to execute malicious actions resulting in code execution. CVSSv3 score of 10.
More info.


NetApp

New

NetApp has published 5 new bulletins identifying vulnerabilities in third-party software included in their products.
More info.


  

Thursday 04 August 2022


Cisco

Patch

Cisco has published 5 new bulletins, 1 rated Critical and 4 rated Medium.
More info.

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a DoS. CVSSv3 score of 9.8
More info.


IBM

Patch

IBM Watson Speech products are affected by vulnerabilities in perl, allowing a remote attacker to execute arbitrary code.  CVSSv3 score of 9.8
More info. And here. And here. And here.

Multiple vulnerabilities affect IBM Db2 On Openshift, IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data. Highest CVSSv3 score of 9.8
More info.


WithSecure

Patch

A DoS vulnerability exists in the F-Secure Atlant and in certain WithSecure products. While scanning fuzzed PE32-bit files, it is possible for a remote attacker to crash the scanning engine. WithSecure rates this Medium.
More info.


  

Wednesday 03 August 2022


VMware

Patch

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. CVSSv3 score of 9.8.
More info. And here.


Google

Patch

Google has updated Chrome for Desktop with 27 security fixes.
More info.

Microsoft is aware and working on Edge. More info.


Belden

Patch

EagleSDV crashes on session establishment using TLS1.0 or TLS1.1, resulting in DoS.
More info.


Dell

Patch

Dell Data Computing Appliance (DCA) contains remediation for multiple security vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical.
More info.

Dell VNX2 Operating Environment for File contains remediation for multiple security vulnerabilities that may be exploited by remote attackers to compromise the affected system.  Dell rates this Critical.  Highest CVSSv3 score of 8.6
More info.


F5

Patch

F5 Quarterly Patches are out, with 12 patches rated High, 8 rated Medium, 1  Low, and one Security Exposure bulletin. Highest CVSSv3 score of 8.7
More info.


Fortinet

Patch

Fortinet Monthly Patches are out, with 3 bulletins. Highest CVSSv3 score of 7.4
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.
CentOS has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Tuesday 02 August 2022


Dell

Patch

Dell CloudLink remediation is available for an AD user login-without-password vulnerability that may be exploited by remote attackers to compromise the affected system, and for other vulnerabilities. CVSSv3 score of 9.1
More info. And here.

Dell Cyber Recovery remediation is available for multiple security vulnerabilities that may potentially be exploited by remote attackers to compromise the affected system, including an authentication bypass vulnerability. CVSSv3 score of 9.8
More info. And here.


Mitsubishi Electric

Patch

DoS and arbitrary command execution vulnerabilities due to OpenSSL exist in multiple Mitsubishi Electric FA Products. Highest CVSSv3 score of 9.8
More info.


Meinberg

Patch

The latest LANTIME Firmware includes security updates of the third-party programs curl and openssl. In addition, a vulnerability has been fixed that allowed local user names to be determined.
More info.


Qualcomm

Patch

Qualcomm Monthly Patches are out, with 15 internal vulnerabilities and 1 Open Source software vulnerability.  Highest CVSSv3 score of 8.4
More info.


Google

Patch

Google has published the Android Monthly Patches, with 19 vulnerabilities plus Imagination Technologies, MediaTek, and Qualcomm patches. One vulnerability is rated Critical, the rest are rated High.
More info.

Google Pixel Monthly Patches are out, with 40 vulnerabilities, with 4 rated Critical, 3 rated High, and the rest Moderate.
More info.


Samsung

Patch

Samsung Monthly Patches are out, with 31 Samsung vulnerabilities plus Google Android patches. At least 1 is rated Critical, and 3 rated High.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Oracle Linux has updated microcode_ctl. More info.
Ubuntu has updated the kernel. More info.


  

ALERT DEFINITIONS

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.