Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur as soon as an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Monday 28 November 2022


Google

Exploit

Google has updated Chrome for Desktop to fix 1 security vulnerability rated High.
More info.


Atos

Patch

A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Atos Unify OpenScape 4000 Manager that may allow an unauthenticated attacker to upload arbitrary files and get administrative access to the system. CVSSv3 score of 9.8
More info.


Moxa

Patch

Moxa Secure Router EDR and TN Series contain an Improper Input Validation Vulnerability that could allow a remote attacker to cause a buffer overflow that crashes the web service.
More info.


Linux

Patch

Mageia has updated the kernel and kernel firmware. More info.
Oracle Linux has updated the kernel. More info.


  

Friday 25 November 2022


HPE

Patch

A potential security vulnerability in Apache Tomcat impacts HPE IceWall products. The vulnerability could be exploited resulting in Remote Disclosure of Information. CVSSv3 score of 3.7
More info.


WithSecure

Patch

Multiple DoS vulnerabilities were discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker.
More info.


  

Thursday 24 November 2022


Mitsubishi Electric

Patch

Multiple vulnerabilities exist in Mitsubishi Electric FA engineering software. These vulnerabilities can be exploited by remote attackers to achieve disclosure or alteration of the product's information or view and execute programs. Highest CVSSv3 score of 9.1
More info.


Moxa

Patch

Multiple Moxa Routers contain improper authentication and input validation vulnerabilities in the web service that could allow a remote attacker to execute arbitrary code via malicious requests.
More info.


NetApp

New

NetApp has published 4 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 7.8. No patches yet.
More info.


  

Wednesday 23 November 2022


Aveva

Patch

AVEVA Edge (formerly known as InduSoft Web Studio) contains multiple security vulnerabilities. A remote attacker can insert malicious DLL files and trick the application into executing code. Highest CVSSv3 score of 9.8
More info. And here.


Aruba

Patch

Aruba has released patches for Aruba EdgeConnect Enterprise that address multiple security vulnerabilities. Highest CVSSv3 score of 7.5
More info.


HPE

Patch

Potential security vulnerabilities have been identified in the BMC of HPE CL2100 Gen10 and HPE CL2200 Gen10 servers. The vulnerabilities could be remotely exploited to perform remote code execution or gain elevated privilege. Highest CVSSv3 score of 9.9
More info.


Bosch

Patch

Multiple vulnerabilities were found in the PRA-ES8P2S Ethernet-Switch including a buffer vulnerability. Highest CVSSv3 score of 9.8
Note that the CVEs date back to 2006.
More info.


IBM

Patch

IBM has published 8 security bulletins for their products identifying vulnerabilities in Apache products.  All rated Critical.
More info.

IBM InfoSphere DataStage is vulnerable to a command injection vulnerability due to improper neutralization of special elements. CVSSv3 score of 9.8
More info.

IBM QRadar Network Security is affected by multiple vulnerabilities. Highest CVSSv3 score of 9.8
More info.

IBM Security Verify Governance is vulnerable to multiple security threats due to use of XStream. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis. Highest CVSSv3 score of 9.8
More info.


SolarWinds

Patch

SolarWinds has published 8 new security bulletins.  Highest CVSSv3 score of 8.8
More info.


  

Tuesday 22 November 2022


Zyxel

Patch

A flaw in the LTE3301-M209 firmware could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled. CVSSv3 score of 9.8
More info.


Linux

Patch

SUSE has updated grub2, binutils, and others. More info.
OpenSUSE has updated grub2, binutils, and others. More info.
Oracle Linux has updated the kernel, rsync, and others. More info.
Gentoo Linux has updated sudo, xterm, and others. More info.


  

Monday 21 November 2022


BD

Patch

BD is aware of and currently monitoring a vulnerability affecting all versions of Fortinet FortiOS products in use by BD Kiestra. CVSSv3 score of 9.6
BD has not seen any exploits, but Fortinet reports this is actively exploited.  The Fortinet bulletin was published 10 Oct 2022.
More info. And here.


Xerox

Patch

Insecure configuration of REST API authentication provides access to the log settings in XMPL.
More info.

Xerox FreeFlow Print Server v2 has been updated for Microsoft, OpenJDK, and Firefox security updates.
More info.

Xerox FreeFlow Print Server v7 has been updated for Solaris, OpenJDK, and Firefox security updates.
More info.


NetApp

Patch

NetApp has published 8 new bulletins identifying security vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8.  Only one has patches available.
More info.


Linux

Patch

SUSE has updated the kernel, grub2, and others. More info.


  

Friday 18 November 2022


Red Lion Controls

Patch

Red Lion Controls Crimson is vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arbitrary host. This could allow an attacker to obtain user credential hashes. CVSSv3 score of 7.5
More info.


Linux

Patch

SUSE has updated the kernel and others. More info.
OpenSUSE has updated the kernel and others. More info.
Ubuntu has updated the kernel. More info.
Mageia has updated systemd, sudo, and others. More info.


  

Thursday 17 November 2022


BD

Patch

BD has published security bulletins for updates to Microsoft and third-party software in Identity Provider Manager, Alaris, Pyxis, and Data Agent products.
More info.


IBM

Patch

A command injection vulnerability in IBM InfoSphere DataStage was addressed. CVSSv3 score of 9.8
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Wednesday 16 November 2022


Mozilla

Patch

Mozilla has published security bulletins for Firefox, Firefox ESR, and Thunderbird, all rated High. Highest CVSSv3 score of 8.1
More info.


BD

Patch

BD has published security bulletins for updates to Microsoft and third-party software in FACSAria, FACS Sample Prep Assistant Systems, FACSLyric, Pyxis, and Alaris products.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel and others. More info.
Oracle Linux has updated the kernel. More info.


  

Tuesday 15 November 2022


Phoenix Contact

Patch

A denial of service of the HTTPS management interface of FL MGUARD and TC MGUARD devices can be triggered by a larger number of unauthenticated HTTPS connections, incoming from different source IPs. CVSSv3 score of 7.5
More info. And here.


Mitsubishi Electric

Patch

An arbitrary command execution vulnerability due to an OpenSSL vulnerability exists in GT SoftGOT2000. An attacker could execute malicious OS commands by sending a specially crafted certificate. CVSSv3 score of 9.8
More info. And here.


Moxa

Patch

An improper authentication vulnerability in the NE-4100T Series allows a remote attacker to access the device.
More info.


Google

Patch

Google has updated ChromeOS LTS with two security fixes rated High.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel and others. More info.
Oracle Linux has updated the kernel. More info.


  

Monday 14 November 2022


IBM

Patch

A command injection vulnerability in IBM InfoSphere DataStage was addressed. CVSSv3 score of 9.8
More info.


Linux

Patch

Alpine Linux has released version 3.16.3. More info.


  

Friday 11 November 2022


Omron

Patch

An Active Debug Code vulnerability exists in the NJ/NX-series Machine Automation Controllers. A remote attacker can illegally access the controllers and use the vulnerability to cause a DoS or RCE.  CVSSv3 score of 8.3
More info. And here.

Use of Hard-coded Credentials and Authentication Bypass by Capture-replay vulnerabilities exist in the communications functions between the NJ/NX-series Machine Automation Controllers, Automation software Sysmac Studio, and NA-series Programmable Terminals. An attacker may use these vulnerabilities to bypass authentication in the communications connection process and perform unauthorized access to the controller products. Highest CVSSv3 score of 9.4
More info. And here.


Moxa

Patch

Moxa VPort Series contains an Improper Input Validation vulnerability that could allow a remote attacker to cause the RTSP service to crash.
More info.


Belden

Patch

Multiple Java SE vulnerabilities in Belden/Hirschmann software products. CVSSv3 score of 7.5
More info.


Microsoft

Patch

Microsoft has updated Edge with the latest Chromium security fixes.
More info.


Dell

Patch

Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.


NetApp

Patch

NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8  Some patches are available.
More info.


Linux

Patch

OpenSUSE has updated the kernel. More info.


  

Thursday 10 November 2022


Apple

Patch

Apple has published updates for iOS, iPadOS, and macOS Ventura that fix vulnerabilities in libxml2.
More info. And here. And here.


IBM

Patch

IBM QRadar Network Packet Capture, IBM QRadar Assistant app for IBM QRadar SIEM, and IBM Cloud Pak for Security include components with multiple known vulnerabilities. Highest CVSSv3 score of 9.8
More info. And here. And here. And here.

IBM Security Verify Access is vulnerable to arbitrary code execution due to the jsr-sasign component. CVSSv3 score of 9.8
More info.

IBM Security Guardium is affected by multiple vulnerabilities.  Highest CVSSv3 score of 9.8
More info.

Multiple security issues have been identified in the WebSphere Application and IBM HTTP Server included as part of IBM Tivoli Monitoring. Highest CVSSv3 score of 9.8
More info.


Cisco

Patch

Cisco has published 17 new bulletins and 2 updated bulletins. Of the new bulletins, 7 are rated High, the rest Medium.
More info.

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center and Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause a DoS. CVSSv3 score of 7.5
More info.

A vulnerability in dynamic access policies functionality of Cisco ASA Software and FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS. CVSSv3 score of 8.6
More info.

A vulnerability in the generic routing encapsulation tunnel decapsulation feature of Cisco FTD Software could allow an unauthenticated, remote attacker to cause a DoS. CVSSv3 score of 8.6
More info.

A vulnerability in SNMP access controls for Cisco FirePOWER Software for ASA FirePOWER module, Cisco Firepower Management Center Software, and Cisco Next-Generation Intrusion Prevention System Software could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential. CVSSv3 score of 7.5
More info.


Hitachi

Patch

Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. Highest CVSSv3 score of 5.3
More info.


Tenable

Patch

Tenable has updated Nessus to fix vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.


Linux

Patch

SUSE has updated the kernel. More info.


  

Wednesday 09 November 2022


Microsoft

Exploit

Monthly Patches are out, with 68 vulnerabilities, 10 rated Critical, 1 previously disclosed, and 4 are being exploited in the wild. Highest CVSSv3 score of 8.8
More info. And here. And here.


Intel

Patch

Intel has published 24 new bulletins, highest CVSSv3 score of 8.7
More info.

Improper authentication in the Intel(R) SDP Tool may allow a remote attacker to potentially enable information disclosure. CVSSv3 score of 4.3
More info.

Improper buffer restrictions in the Hyperscan library may allow a remote attacker to potentially enable escalation of privilege. CVSSv3 score of 4.3
More info.

Potential security vulnerabilities in some Intel Chipset Firmware in Intel CSME, Intel AMT and Intel SPS may allow escalation of privilege or DoS. Highest CVSSv3 score of 8.7
More info.


Citrix

Patch

Vulnerabilities have been discovered in Citrix Gateway and Citrix ADC that could allow authentication bypass, remote desktop takeover, and brute force of logins. Highest CVSSv3 score of 9.8
More info.


VMware

Patch

Multiple vulnerabilities in VMware Workspace ONE Assist could allow authentication bypass.  Highest CVSSv3 score of 9.8
More info.


Google

Patch

Google has updated Chrome for Desktop to fix 10 security vulnerabilities.
More info.

Microsoft is aware and working on Edge. More info.


Veeam

Patch

A vulnerability was discovered within the Backup Appliance component of Veeam Backup for Google Cloud that allows users to bypass authentication mechanisms. CVSSv3 score of 10.
More info.


Brocade

Patch

A vulnerability in Brocade Fabric OS software could allow a remote unauthenticated attacker to execute commands on a Brocade Fabric OS switch that are capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address. CVSSv3 score of 9.4
More info.


Linux

Patch

Red Hat has updated the firmware and kpatch. More info.


  

Tuesday 08 November 2022


Schneider Electric

Patch

Monthly Patches are out, with 1 new bulletin and 5 updated bulletins.
More info.

Schneider Electric is aware of multiple vulnerabilities in its NetBotz 4 - 355/450/455/550/570 products. Highest CVSSv3 score of 8.8
More info.


Siemens

Patch

Siemens Monthly Patches include 17 bulletins, 9 new bulletins and 8 updated bulletins. Highest CVSSv3 score of 9.9
More info.

RUGGEDCOM ROS-based V4 devices are vulnerable to a denial of service attack (Slowloris). When partial HTTP requests are sent nonstop, the affected web servers wait for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends. CVSSv3 score of 5.3
More info.

SICAM Q100 devices contain multiple vulnerabilities that could allow an attacker to take over the session of a logged in user or to inject custom code. Highest CVSSv3 score of 9.9
More info.

The SCALANCE W1750D device contains multiple vulnerabilities that could allow an attacker to inject commands or exploit buffer overflow vulnerabilities which could lead to DoS, unauthenticated RCE, or stored XSS. Highest CVSSv3 score of 9.8
More info.


Qualcomm

Patch

Qualcomm Monthly Patches include 12 vulnerabilities, 1 rated Critical, 8 rated High, and 3 Medium. Highest CVSSv3 score of 9.8
More info.


Google

Patch

Google Android Monthly Patches include 19 vulnerabilities, all rated High, plus Imagination Technologies, Mediatek, Qualcomm, and Unisoc component updates.
More info.

Google Pixel has two additional vulnerabilities rated High, plus Android and Qualcomm updates.
More info.


Samsung

Patch

Samsung has published 26 SVEs, along with Google Android patches.
More info.


SAP

Patch

SAP Security Patch Day saw the release of 9 new Security Notes and 2 updated Security Notes. Of the new Notes, 2 are rated Hot News, 2 rated High, and 5 rated Medium. Highest CVSSv3 score of 9.9
More info.


NETGEAR

Patch

NETGEAR has published 59 new bulletins. Highest CVSSv3 score of 8.8
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.