Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Friday 27 January 2023


Rockwell Automation

Patch

Rockwell Automation is aware of multiple products that are affected by vulnerabilities in the GoAhead web server. Exploitation of these vulnerabilities could potentially have a high impact on the confidentiality, integrity and availability of the vulnerable devices. Highest CVSSv3 score of 9.8
Some products are patched, some not.
More info. And here.


Econolite

New

Econolite EOS contains Improper Access Control and Use of Weak Hash vulnerabilities. Successful exploitation of these vulnerabilities could result in a remote attacker gaining full control over traffic control functions performed by Econolite hardware. Highest CVSSv3 score of 9.8
No response from Econolite.
More info.


Microsoft

Patch

Microsoft has published a security advisory for Windows PPTP.  A remote attacker could send a specially crafted connection request to a RAS server, which could lead to RCE on the RAS server machine. CVSSv3 score of 8.1
More info.

Microsoft has updated Edge with the latest chromium vulnerability fixes.
More info.


IBM

Patch

There are multiple vulnerabilities in open source libraries used by IBM MobileFirst Platform Foundation.  Highest CVSSv3 score of 10
More info.


HCL Software

Patch

HCL BigFix WebUI is affected by security vulnerabilities in BigFix WebUI source code and open source components. Highest CVSSv3 score of 9.8
More info.


  

Thursday 26 January 2023


ISC

Patch

ISC has published 4 new bulletins identifying DoS vulnerabilities in BIND 9.  Highest CVSSv3 score of 7.5
More info.


Mitsubishi Electric

Patch

An authentication bypass vulnerability exists in the robot controller of industrial robot MELFA SD/SQ series and F-series. An attacker can gain unauthorized access to a robot controller by performing an unauthorized telnet login. CVSSv3 score of 7.5
More info.


Tenable

Patch

Tenable has published a bulletin identifying 4 vulnerabilities in Tenable.sc, as well as vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Scientific Linux has updated the kernel. More info.


  

Wednesday 25 January 2023


VMware

Patch

Multiple vulnerabilities in VMware vRealize Log Insight could allow a remote attacker to collect sensitive information, achieve DoS, or perform RCE. Highest CVSSv3 score of 9.8
More info.


Google

Patch

Google has updated Chrome for Desktop to fix 6 security vulnerabilities, the most severe of which could allow for arbitrary code execution.
More info.

Microsoft is aware.  More info.


Apple

Patch

Apple has published updates for tvOS.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Red Hat has updated the kernel, the kernel-rt, and kpatch. More info.
Oracle Linux has updated the kernel. More info.


  

Tuesday 24 January 2023


Crestron

Patch

Crestron has patched the UC-engine product line for OpenSSL vulnerabilities. CVSSv3 score of 5.3
More info.


Lexmark

Patch

Lexmark has patched their printers to fix a vulnerability that allows an attacker to bypass protections on the device that protect local accounts against brute-force guessing attacks. CVSSv3 score of 5.3
More info.

A Server-Side Request Forgery vulnerability has been identified in the Web Services feature of newer Lexmark devices. This vulnerability can be leveraged by an attacker to gain arbitrary code execution on the device. CVSSv3 score of 9.0
More info.


Apple

Exploit

Apple has published updates for Safari, iOS, macOS, and watchOS. iOS includes fixes for older versions for actively exploited vulnerabilities.  Highest CVSSv3 score of 9.8.
More info.


GE

Exploit

DS Agile SMT is built on the Windows 10 operating system and is using an older version of Log4j, allowing a remote attacker to perform RCE. CVSSv3 score of 10.
More info.


HCL Software

Patch

HCL BigFix WebUI is affected by security vulnerabilities in source code and open source components. Highest CVSSv3 score of 9.8
More info.


Linux

Patch

Red Hat has updated the kernel. More info.
Debian has updated the kernel. More info.


  

Monday 23 January 2023


NetApp

New

NetApp has published 9 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8. Only 1 bulletin includes patched software.
More info.


Linux

Patch

Mageia has updated the kernel and kernel firmware. More info.


  

Friday 20 January 2023


TP-Link

New

TP-Link router WR710N-V1-151022 and Archer-C5-V2-160201 are susceptible to two vulnerabilities, including a buffer overflow during HTTP Basic Authentication allowing a remote attacker to corrupt memory allocated on a heap causing DoS or RCE, and a side-channel attack allowing deterministic guessing of each byte of a username and password input during authentication. Highest CVSSv3 score of 9.8
More info.


Medtronic

New

All versions of the superDimension navigation system run on Microsoft Windows operating system platforms that are no longer supported, leaving the system with security vulnerabilities which could allow an unauthorized user to execute code on the system. There is no way to update the system; they recommend not connecting the systems to the hospital network.
More info.


BD

Patch

BD has updated Microsoft and third-party software in Kiestra TLA/WCA, Kiestra InoqulA+, Kiestra InoqulA, and Kiestra ReadA.
More info.


PowerDNS

Patch

PowerDNS Recursor contains a DoS vulnerability.  This problem can be triggered by a remote attacker with access to the recursor by querying names from specific mis-configured domains. CVSSv3 score of 8.2
More info.


Microsoft

Patch

Microsoft has updated Edge to fix one security vulnerability.  CVSSv3 score of 6.5
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Thursday 19 January 2023


Cisco

New

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. CVSSv3 score of 4.7
More info.


WithSecure

Patch

A DoS vulnerability was discovered in WithSecure products whereby the aerdl.dll unpacker handler crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker.
More info.


Mitel

Patch

A vulnerability in the ccmweb component of MiContact Center Business server could allow an unauthenticated attacker to download arbitrary files due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information. 
More info.


Wireshark

Patch

Wireshark has published 7 new bulletins identifying memory leaks and software crash vulnerabilities. Highest CVSSv3 score of 4.3
More info.


  

Wednesday 18 January 2023


GE Digital

Patch

GE Digital Proficy Historian contains multiple vulnerabilities, including Authentication Bypass using an Alternate Path or Channel, Unrestricted Upload of File with Dangerous Type, Improper Access Control, and Weak Encoding for Password. Successful exploitation of these vulnerabilities could crash the device after access, cause a buffer overflow condition, and allow remote code execution. Highest CVSSv3 score of 9.8
More info.


IBM

Patch

There is a vulnerability in min-dash that could allow a remote attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. CVSSv3 score of 9.8
More info.


D-Link

Patch

Multiple vulnerabilities have been corrected in DIR-1360 hardware.
More info.


Mozilla

Patch

Security updates have been published for Firefox and Firefox ESR.
More info.


Git

Patch

Two vulnerabilities in Git could allow a remote attacker to execute arbitrary code on the system. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. CVSSv3 score of 9.8
More info. And here.


Apache

Patch

Three moderate vulnerabilities have been patched in Apache HTTP Server.
More info.


  

Tuesday 17 January 2023


Mitsubishi Electric

Patch

An authorization bypass vulnerability exists in the WEB server function of the MELSEC iQ-F/iQ-R Series. An unauthenticated remote attacker may be able to access the WEB server function by guessing the random numbers used for authentication from several used random numbers. CVSSv3 score of 5.9
More info.


Oracle

Patch

Oracle Quarterly Patches are expected out this afternoon.  The pre-release notice lists 323 new security patches, with 216 being remotely exploitable without authentication.  Highest CVSSv3 score of 9.9
More info.


IBM

Patch

Vulnerabilities in libExpat affect IBM Tivoli Network Manager IP Edition. CVSSv3 score of 9.8
More info.


Linux

Patch

Red Hat has updated the kernel. More info.


  

Monday 16 January 2023


Xerox

Patch

Xerox has updated Xerox WorkCentre models to correct vulnerabilities including insecure password encryption, show embedded system accounts, and remove the ability to disable functionality.
More info.


Google

Patch

Google has published a security update for ChromeOS / ChromeOS Flex.
More info.


Linux

Patch

Oracle Linux has updated the kernel. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.