Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur as soon as an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters, so reducing the alert state again quickly will increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Friday 14 January 2022


Dell

Patch

Dell has published a security update for multiple vulnerabilities in third-party software in EMC Avamar, EMC NetWorker Virtual Edition, EMC PowerProtect DP Series Appliance, and EMC Integrated Data Protection Appliance. Dell rates this High.
More info.


NetApp

New

NetApp has published 7 new bulletins identifying vulnerabilities in third-party software included in their products.
More info.


Crestron

New

When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are disclosed which are valid to authenticate to the web interface. Crestron has decided not to fix.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Ubuntu has updated systemd. More info.


  

Thursday 13 January 2022


Cisco

Patch

Cisco has published 9 new bulletins, 1 rated Critical and the rest Medium.  Highest CVSSv3 score of 9.6, but that one still requires authentication.
More info.


Palo Alto Networks

Patch

Palo Alto Networks Monthly Patches are out with 4 new bulletins, 1 rated High and the rest Medium. Highest CVSSv3 score of 7.8
More info.


Apple

Patch

Apple has published security updates for iOS and iPadOS that fix a DoS vulnerability.
More info.


Juniper Networks

Patch

Juniper Networks Quarterly Patches are out with 34 bulletins
More info.

Multiple vulnerabilities in the PFE of Juniper Networks Junos OS allow an unauthenticated networked attacker to cause a DoS by sending specific packets over VXLAN which cause either a memory leak which will ultimately result in an FPC reset or directly an FPC reset. CVSSv3 score of 7.5
More info.

Vulnerabilities in the processing of specific IPv6 packets on certain EX and QFX Junos OS devices may lead to exhaustion of DMA memory causing a DoS. CVSSv3 score of 7.5
More info. And here.

Multiple vulnerabilities in the flow processing daemon of Junos OS on MX Series and SRX Series allow an unauthenticated networked attacker to cause a flowd crash and thereby a DoS. CVSSv3 score of 7.5
More info. And here. And here.

A vulnerability in the NETISR network queue functionality of Junos OS kernel allows an attacker to cause a DoS by sending crafted genuine packets to a device. CVSSv3 score of 7.5
More info.

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon of Junos OS allows an unauthenticated networked attacker to cause DoS. CVSSv3 score of 7.5
More info.

Multiple vulnerabilities in third-party software have been resolved in Junos OS, Steel-Belted Radius (SBR) Carrier AAA server, Junos OS Evolved, Junos Space, and Contrail Networking and Contrail Cloud. CVSSv3 score of 9.8
More info. And here. And here. And here. And here. And here. And here. And here.


QNAP

Patch

A vulnerability in QTS and QuTS allows attackers to run arbitrary code in the system. QNAP rates this High.
More info.

A stack buffer overflow vulnerability has been reported to affect QNAP NAS running QVR Elite, QVR Pro, and QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP rates this High.
More info.


Moxa

Patch

Multiple product vulnerabilities were identified in Moxa’s VPort 06EC-2V Series IP Cameras and VPort 461A Series Video Servers.
More info.


Mitsubishi Electric

Patch

A DoS vulnerability and an unspecified vulnerability exist in an Ethernet interface block of MELSEC-F series. CVSSv3 score of 7.5
More info. And here.


  

Wednesday 12 January 2022


Microsoft

Patch

Microsoft Monthly Patches are out, with 126 security vulnerabilities. Six of the issues were publicly disclosed, and nine are rated Critical. Highest CVSSv3 score of 9.8
More info. And here. And here.

HTTP Protocol Stack contains an RCE vulnerability allowing an unauthenticated attacker to send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. CVSSv3 score of 9.8
More info.

Windows IKE Extension contains an RCE vulnerability allowing a remote attacker to trigger multiple vulnerabilities without being authenticated. CVSSv3 score of 9.8
More info.


Adobe

Patch

Adobe Monthly Patches include updates for critical vulnerabilities in Acrobat and Reader, Illustrator, Bridge, InCopy, and InDesign.
More info.


TIBCO

Patch

TIBCO FTL contains an easily exploitable vulnerability that allows authentication bypass due to a hard coded secret used in the default realm server of the affected system. CVSSv3 score of 9.3
More info.


IBM

Patch

Multiple vulnerabilities in IBM Runtime Environment Java have been remediated in IBM Planning Analytics and IBM Planning Analytics Workspace. Highest CVSSv3 score of 9.8
More info.


Mozilla

Patch

Mozilla has published security updates for Firefox, Firefox ESR, and Thunderbird.
More info.


HPE

Patch

A potential security vulnerability in HPE Ezmeral Data Fabric may allow a remote access restriction bypass in the TEZ MapR ecosystem component. CVSSv3 score of 6.1
More info.


Libreswan

Patch

The Libreswan Project was notified of an issue with receiving a malformed IKEv1 packet that crashes the server. A malformed packet that is being rejected triggers a logging action that causes a NULL pointer dereference leading to a crash of the pluto daemon.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Tuesday 11 January 2022


HPE

Patch

A potential security vulnerability has been identified with HP-UX telnetd which allows remote attackers to execute arbitrary code via short writes or urgent data. This is due to a remote buffer overflow involving the netclear and nextitem functions. CVSSv3 score of 9.8
More info.


SAP

Patch

SAP Security Patch Day saw the release of 11 new Patch Day Security Notes. 16 security notes were released out-of-band for log4j. The log4j Note is rated Hot News, one new Note rated High, the rest are rated Medium and Low.  Highest CVSSv3 score of 10.
More info.


Belden

Patch

Multiple vulnerabilities were discovered in the Tofino, relating to user authentication, USB handling, and two enforcer modules, including hardcoded default credentials. Highest CVSSv3 score of 8.1
More info.


Siemens

Patch

Siemens Monthly Patches are out, with 5 new bulletins and 7 updated bulletins. Highest CVSSv3 score of 9.9
More info.

SICAM A8000 devices are impacted by two vulnerabilities. The first one could allow a privileged user to enable a debug port with default credentials. The second vulnerability could allow unauthenticated access to certain previously created log files. Highest CVSSv3 score of 9.9
More info.

PLUSCONTROL 1st Gen devices are affected by some of the NUCLEUS:13 vulnerabilities in the Nucleus RTOS. Highest CVSSv3 score of 8.1
More info.


Schneider Electric

Patch

Schneider Electric Monthly Patches are out, with 7 new bulletins and 1 updated bulletin. Highest CVSSv3 score of 9.9
More info.

Schneider Electric is aware of multiple vulnerabilities in its Modicon M340 controller and Communication Modules, including disclosure of sensitive information, unauthorized web server actions, and DoS. Highest CVSSv3 score of 7.5
More info.

Schneider Electric is aware of multiple vulnerabilities in its ConneXium Tofino Firewall products, and associated Loadable Security Modules (LSM), leading to DoS, local code execution, and firmware injection. Highest CVSSv3 score of 8.1
More info.

Schneider Electric is aware of multiple vulnerabilities disclosed by Codesys on CODESYS V3 Runtime, Development System and Gateway, including in Schneider Electric products. If successfully exploited, these vulnerabilities could result in DoS or RCE. Highest CVSSv3 score of 9.8
More info.

Schneider Electric is aware of multiple vulnerabilities in its EcoStruxure™ Power Monitoring Expert product (PME), affecting data confidentiality, data integrity issues, or a loss of access to the server. Highest CVSSv3 score of 7.5
More info.


TP-Link

Patch

Vulnerabilities related to KCodes NetUSB were disclosed and affect several TP-Link products, leading to potential RCE via an integer overflow.
More info.


Linux

Patch

SUSE has updated systemd and libsndfile. More info.
OpenSUSE has updated systemd and libsndfile. More info.
Red Hat has updated Process Automation Manager, the kernel, and cpio. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.


  

Monday 10 January 2022


Silicon Labs

New

Various Silicon Labs Z-Wave chipsets, used in smart home IoT devices, do not support encryption, can be downgraded to use weaker encryption, and are vulnerable to denial of service. Some of these vulnerabilities are inherent in Z-Wave protocol specifications.
More info. And here.


NetApp

New

NetApp has published 7 new bulletins identifying security vulnerabilities in third-party software included in their products. No patches yet.
More info.


QNAP

New

QNAP has issued a product security statement regarding ransomware and brute-force attacks targeting networking devices. QNAP is urging all QNAP NAS users to ensure their security settings prevent access from the Internet.
More info.


  

Friday 07 January 2022


Fernhill Software

Patch

Fernhill SCADA Server contains an Uncontrolled Resource Consumption vulnerability which can result in a DoS.  CVSSv3 score of 7.5
More info.


IDEC

Patch

IDEC PLCs contain Unprotected Transport of Credentials and Plaintext Storage of a Password vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to upload, alter, and/or download the PLC user program. An attacker could also access the PLC web server and hijack the controllers, resulting in the manipulation and/or suspension of the PLC output. Highest CVSSv3 score of 7.6
More info.


QNAP

Patch

A vulnerability has been reported to affect QNAP NAS running QVPN Service 3.x. If exploited, the vulnerability allows attackers to run arbitrary code in the system. QNAP rates this High.
More info.

A reflected XSS vulnerability has been reported to affect TFTP Server in QTS, QuTS hero, and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP rates this Medium.
More info.


Microsoft

Patch

Microsoft has updated chromium-based Edge with the latest chromium security fixes.
More info.


H2

Patch

H2 Java SQL database contains a vulnerability with the same root cause as Log4Shell, JNDI remote class loading, so that a remote attacker with access to the console or the database can achieve RCE.
More info. And here.


HPE

Patch

Multiple security vulnerabilities have been identified in HPE Edgeline iSM. These vulnerabilities could be remotely exploited to allow arbitrary code execution, unauthorized data access and memory corruption. Highest CVSSv3 score of 9.8
More info.


  

Thursday 06 January 2022


Moxa

Patch

Multiple product vulnerabilities were identified in Moxa’s AWK-3121 Series. Continuously sending crafted packets may cause an affected device to experience a memory leak and fail to release memory when it is no longer required, resulting in a DoS.
More info.

Moxa AWK-3131A/4131A/1137C/1131A Series routers are vulnerable to DNSpooq buffer overflow and DNS response validation issues, leading to RCE, DoS and DNS cache poisoning.
More info.


D-Link

Patch

Multiple D-Link products are vulnerable to the Qualcomm issue of Improper Validation of Array Index in WLAN, resulting in a possible stack out of bound write. CVSSv3 score of 9.8
More info.

EOL products DIR-600M/C1, DIR-612/B1, DIR-615/T1 & T3, and DSL-2750U/I1 are vulnerable to attack via Windows WPAD and the routers' DHCP default setting domain name. This vulnerability is from 2016.
More info.

The LAN-side Web-Configuration Interface has a Stack-based Buffer Overflow vulnerability in the EOL DIR-859 Wi-Fi router firmware v1.05. Remote attackers can construct a payload to carry out arbitrary code attacks.
More info.


Tenable

Patch

Tenable.sc was found to contain an RCE vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. Third-party software vulnerabilities were also identified. Highest CVSSv3 score of 9.8
More info.

Nessus Network Monitor has been updated to fix OpenSSL vulnerabilities. Highest CVSSv3 score of 9.8
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Wednesday 05 January 2022


Google

Patch

Google Android Monthly Patches are out, with 21 vulnerabilities, all rated High, and MediaTek, Unisoc, and Qualcomm patches.
More info.

Google Pixel Monthly Patches are available, 8 Pixel-specific patches, 7 rated High and 1 rated Moderate.
More info.

Google has published an update for Chrome for Desktop that includes 37 security fixes, at least one of which is rated Critical.
More info.

Microsoft is working to include the updates in chromium-based Edge.
More info.


Samsung

Patch

Monthly Patches for Samsung are out, with 19 vulnerabilities, most rated Moderate, in addition to Android patches.
More info.


NETGEAR

Patch

NETGEAR has released fixes for multiple vulnerabilities on several router products. CVSSv3 score of 8.1
More info.


  

Tuesday 04 January 2022


Phoenix Contact

New

The TCP/IP stack in Siemens Nucleus RTOS contains several vulnerabilities. Nucleus NET is utilized by BLUEMARK X1 / LED / CLED printers. Highest CVSSv3 score of 8.8
More info.


Qualcomm

Patch

Qualcomm Monthly Patches are out, with 1 rated Critical, 7 rated High, and 1 rated Moderate. Highest CVSSv3 score of 9.3
More info.


  

Monday 03 January 2022


TRENDnet

New

Multiple security vulnerabilities have been identified in TRENDnet AC2600 TEW-827DRU firmware. Highest CVSSv3 score of 9.8. No patches yet.
More info.


MediaTek

Patch

MediaTek Monthly Patches are out, with 37 vulnerabilities addressed, 15 rated High and 22 rated Medium.
More info.


Dell

Patch

Security vulnerabilities in VMware affect Dell EMC Enterprise Hybrid Cloud.
More info.


  

Friday 31 December 2021


HCL Software

Patch

A Server Side Request Forgery vulnerability affects HCL Digital Experience, on-premise deployments and containers. An Inefficient Regular Expression vulnerability affects HCL Digital Experience containers only. CVSSv3 score of 8.0 for both vulnerabilities.
More info.


Linux

Patch

OpenSUSE has updated the kernel firmware. More info.


  

Thursday 30 December 2021


QNAP

Patch

A vulnerability involving exposure of sensitive information has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. If exploited, this vulnerability allows attackers to compromise the security of the system. QNAP rates this Medium.
More info.


Wireshark

Patch

Six vulnerabilities have been fixed in the latest version of Wireshark, all of which could lead to DoS.
More info.


Moxa

New

Multiple product vulnerabilities were identified in Moxa’s AWK-3131A/4131A/1131A/1137C Series and TAP-213/TAP-323 Series Wireless AP/Bridge/Client. These include allowing a remote attacker to execute arbitrary commands on the device via a web interface, bypass authentication mechanisms, cause a DoS, obtain sensitive information, use brute force to obtain credentials, insert HTML and JavaScript into the system via a web interface, or create malicious firmware for the device. Patches are for only one of 7 vulnerabilities; workarounds are provided for the rest.
More info. And here.

Multiple product vulnerabilities were identified in Moxa’s OnCell G3150A/G3470A Series and WDR-3124A Series Cellular Gateways/Router. These include allowing a remote attacker to execute arbitrary commands on the device via a web interface, bypass authentication mechanisms, cause a DoS, obtain sensitive information, use brute force to obtain credentials, or create malicious firmware for the device. No patches, only workarounds.
More info.



Zyxel

Patch

Zyxel has released a patch addressing insufficient session expiration and cleartext storage of sensitive information vulnerabilities in the NBG6604 home router.
More info.



NetApp

New

NetApp has published 7 new bulletins identifying security vulnerabilities in third-party software included in their products.  No patches yet.
More info.



Linux

Patch

SUSE has updated the kernel firmware. More info.
Mageia has updated the kernel. More info.


  

Tuesday 28 December 2021


Moxa

Patch

A product vulnerability was identified in Moxa’s TN-5900 Series Secure Routers and MGate 5109 and MGate 5101-PBM-MN Series Protocol Gateways. Continuously sending crafted packets may cause an affected device to experience a memory leak and fail to release memory when it is no longer required, resulting in a DoS.
More info. And here.

Multiple product vulnerabilities were identified in Moxa’s TN-5900 Series Secure Routers. An attacker could easily modify the firmware and avoid the inspection mechanism or inject malicious code to damage the device.
More info.


  

Friday 24 December 2021


IBM

Patch

IBM Rational ClearQuest uses OpenSSL. Security vulnerabilities were disclosed by the OpenSSL Project. CVSSv3 score of 9.8
More info.


NetApp

New

NetApp has published a bulletin identifying security vulnerabilities in Apache HTTP software included in their products. Highest CVSSv3 score of 9.8. No patches yet.
More info.


  

Thursday 23 December 2021


Moxa

New

A product vulnerability was identified in Moxa’s MGate MB3180/MB3280/MB3480 Series. Remote attackers can obtain sensitive information due to default use of HTTP.  Recommendation is to turn on HTTPS.
More info.


NetApp

Patch

NetApp has published 7 new bulletins identifying security vulnerabilities in third-party software included in their products. Two of the bulletins have patches.
More info.


NETGEAR

Patch

NETGEAR has published another 15 security bulletins for their products. Nearly all require Adjacent network access.
More info.

NETGEAR has released fixes for a pre-authentication command injection security vulnerability on several products. CVSSv3 score of 9.6
More info.


Johnson Controls

Patch

Johnson Controls has confirmed a vulnerability impacting American Dynamics VideoEdge. Running a vulnerability scanner can cause a DoS.  CVSSv3 score of 7.5
More info.


  

Wednesday 22 December 2021


Saviynt

Patch

Saviynt Enterprise Identity Cloud contains two vulnerabilities in the password reset feature. A remote, unauthenticated attacker can enumerate users and bypass authentication to change the password of an existing administrative user. The attacker can then perform administrative actions and possibly make changes to other connected authentication systems.
More info.


F-Secure

Patch

A vulnerability affecting the F-Secure antivirus engine was discovered whereby scanning MS Outlook PST files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.
More info.


Auerswald

Patch

Several backdoors have been identified in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device.
More info. More bulletins for this product here.


NETGEAR

Patch

NETGEAR has published another 22 security bulletins for their products. All require Adjacent network access.
More info.


Linux

Patch

Mageia has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Tuesday 21 December 2021


NETGEAR

Patch

NETGEAR has released 20 new bulletins covering several product lines.
More info.

NETGEAR has released fixes for a pre-authentication command injection security vulnerability on several product models. Highest CVSSv3 score of 9.6
More info.

NETGEAR has released fixes for a pre-authentication buffer overflow security vulnerability on several product models. CVSSv3 score of 6.5
More info.

NETGEAR has released fixes for a sensitive information disclosure security vulnerability on several product models. CVSSv3 score of 8.4
More info.

NETGEAR has released fixes for an admin credentials disclosure security vulnerability on several product models. CVSSv3 score of 7.6
More info.


IBM

Patch

IBM App Connect Enterprise Certified Container operator may be affected by a vulnerability in Golang Go. CVSSv3 score of 9.8
More info.


Dell

Patch

Dell EMC Elastic Cloud Storage 3.6.2.1 contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Highest CVSSv3 score of 10.
More info.

Dell EMC Unisphere for PowerMax, EMC Unisphere for PowerMax Virtual Appliance, EMC Solutions Enabler Virtual Appliance, EMC Unisphere 360, EMC VASA, and EMC PowerMax Embedded Management contain remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Highest CVSSv3 score of 9.8
More info.


Linux

Patch

Red Hat has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Monday 20 December 2021


Apache

Patch

Apache Log4j2 does not always protect from infinite recursion in lookup evaluation. CVSSv3 score of 7.5
More info.

Apache HTTP Server has 2 patched vulnerabilities. The vulnerabilities allow a remote attacker to execute arbitrary code or perform SSRF attacks on the target system. Highest CVSSv3 score of 8.7
More info.


  

Friday 17 December 2021


Rockwell Automation

Patch

Rockwell Automation has reported two vulnerabilities in the 1783-NATR. If successfully exploited, these vulnerabilities may result in RCE on the device through the GoAhead web server and DoS. Highest CVSSv3 score of 9.8
More info.


Mbed TLS

Patch

Mbed TLS contains a High Severity Double Free vulnerability. An attacker could potentially trigger an out of memory condition, and therefore use this bug to create memory corruption, which could then be further exploited or targeted.
More info.


VMware

Patch

An SSRF vulnerability exists in VMware Workspace ONE UEM console. CVSSv3 score of 9.1
More info.


Bitdefender

Patch

An SSRF vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. CVSSv3 score of 6.8
More info.


  

Thursday 16 December 2021


Mitsubishi Electric

Patch

A DoS vulnerability exists in Mitsubishi Electric's FA engineering software GX Works2. If a malicious attacker tampers with a program file in a Mitsubishi Electric PLC by sending malicious crafted packets to the PLC, reading the program file into GX Works2 may result in a DoS in GX Works2. CVSSv3 score of 5.3
More info.

Multiple DoS vulnerabilities exist in TCP/IP protocol stack of MELSEC Series Remote I/O. A remote attacker may cause a DoS by sending specially crafted packets. CVSSv3 score of 7.5
More info.


  

Wednesday 15 December 2021


Microsoft

Exploit

Microsoft Monthly Patches are out with patches for 83 vulnerabilities. Of these, 7 are critical, 6 were previously disclosed and 1 is being exploited.
More info. And here. And here.

An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution. CVSSv3 score of 9.8.
More info.

Microsoft Office app contains an RCE vulnerability. CVSSv3 score of 9.6
More info.

Visual Studio Code WSL Extension contains an RCE vulnerability. CVSSv3 score of 9.8
More info.

Microsoft has updated Edge to include updates from chromium, including an exploited chromium security vulnerability.
More info.


Adobe

Patch

Adobe Monthly Patches are out, with security updates for Premiere Rush, Experience Manager, Connect, Photoshop, Prelude, After Effects, Dimension, Premiere Pro, Media Encoder, Lightroom, and Audition.
More info.

Adobe has released updates for Adobe Premiere Rush for Windows and macOS. This update addresses multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, application denial-of-service, and privilege escalation.
More info.

Adobe has released updates for Adobe Experience Manager (AEM). These updates resolve vulnerabilities rated Critical and Important. Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass. Highest CVSSv3 score of 9.8
More info.


HP

Patch

Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews. CVSSv3 score of 7.5
More info.


Lenovo

Patch

Authentication bypass vulnerabilities were discovered in an internal service and the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2.
More info.


F5

Patch

An XSS vulnerability exists in an undisclosed page of the NGINX Swagger UI. CVSSv3 score of 8.2
More info.


OpenSSL

Patch

A pair of vulnerabilities have been fixed in the latest versions of OpenSSL.
More info.


  

Tuesday 14 December 2021


SAP

Patch

SAP Monthly Patches are out with 11 new Security Notes, 2 rated Hot News, 6 rated High, 2 rated Medium, and one Low. There were 4 updates to previously released Security Notes, 2 rated Hot News, 2 rated Medium.
More info.


Siemens

Patch

Siemens Monthly Patches are out, with 15 new bulletins and 7 updated bulletins. One is for Apache log4j.  Of the other new bulletins, highest CVSSv3 score of 9.1
More info.

SiPass integrated contains multiple vulnerabilities that could allow an unauthenticated remote attacker to access or modify several internal application resources. CVSSv3 score of 7.5
More info.

Multiple LibVNC vulnerabilities in the affected products could allow remote code execution, information disclosure and DoS attacks under certain conditions. CVSSv3 score of 9.8
More info.

CAPITAL VSTAR uses an affected version of the Nucleus software and inherently contains several of the NUCLEUS:13 vulnerabilities. Highest CVSSv3 score of 8.8
More info.


Schneider Electric

Patch

Monthly Patches for Schneider Electric are out, with 5 new bulletins including one for log4j, and 2 updated bulletins.
More info.

There are multiple vulnerabilities in the Data Collector module for the IGSS (Interactive Graphical SCADA System) product. Highest CVSSv3 score of 6.5
More info.

Schneider Electric is aware of multiple vulnerabilities in its EVlink City, Parking, and Smart Wallbox products. These vulnerabilities can be exploited, in the case of a connected station, through the network of the charging station’s supervision system. The risk is further elevated when the connected stations are accessible over the internet and have insufficient network security measures. Highest CVSSv3 score of 9.3
More info.


Google

Patch

Google has published an update for Chrome for Desktop with 5 security issues, 1 rated Critical and the rest High.
More info.


Apple

Patch

Apple has published security updates for iOS, iPadOS, watchOS, as well as macOS Monterey, Big Sur, and Catalina.
More info.


HPE

Patch

A potential security vulnerability has been identified in Integrated Lights-Out 5 (iLO 5) firmware. The vulnerability could be remotely exploited. CVSSv3 score of 7.4
More info.


  

Monday 13 December 2021


Log4Shell

Exploit

Apache Log4j has a 0-day Remote Code Execution vulnerability with active exploits. Here is a collection of the vendor bulletins and other news regarding this vulnerability. CVSSv3 score of 10.
More info.

Being used to implant Coin Miners here.

Microsoft response. More info.
F5 is researching their products. More info.
Huawei too. More info.
Cisco here. Several products are vulnerable.
Elastic bulletin. Logstash is vulnerable.
Several VMware products are vulnerable.
Fortinet has several vulnerable products.
GE Digital is evaluating.
GE Healthcare is assessing.
Thales is evaluating.
Rockwell Automation is evaluating, and has patched two products.
IBM's response. Two products vulnerable so far.
Dell is evaluating. Several bulletins. Additional info.
McAfee products are under review.
Debian has updated.
Mageia has updated.
TP-Link products are vulnerable.
SonicWall has at least one vulnerable product.
ForgeRock uses a vulnerable RSA module.
HCL Software has several bulletins.
Citrix is investigating.
SolarWinds has affected products.

Added 14 December:
Zoho ManageEngine products.
Philips has at least one product vulnerable.
Siemens list of vulnerable products.
Atlassian statement.
Splunk has vulnerable bits in the add-ons.
Juniper has published an out-of-cycle bulletin for their products.
Commscope RUCKUS products are vulnerable.
Digi is still investigating, nothing so far.
HMS has several bulletins.
Poly has identified one vulnerable product.
Schneider Electric is investigating.
Wind River has at least one affected product.
Spacelabs Healthcare is investigating.
Lenovo is investigating.
Several HPE products use Apache Log4j2 and could be vulnerable.
Broadcom Brocade products are vulnerable.
QNAP is investigating.
NetApp has several products vulnerable.
FlexNet License Server Manager (FLSM) is vulnerable; this will roll through the products that use this licensing solution.
Other Flexera products are vulnerable as well.
Revenera products are vulnerable.
Nagios is investigating, but thinks they're not vulnerable even though they have log4j.

Cybersecurity Help has a good list of products as well.

Added 15 December:
WIBU has vulnerable products.
Moxa is investigating.
Johnson Controls is looking into it.
Phoenix Contact has a Cloud product that is "partly affected".
SICK has remediated for their FieldEcho Cloud service.
Baxter is investigating.
Boston Scientific is investigating.
Intel has several affected products.
Sierra Wireless has a vulnerable product.
NVIDIA is evaluating.
SuperMicro has one vulnerable product.
Sophos Mobile EAS Proxy is vulnerable.
Ubuntu has updated.
D-Link has started investigating.
Apache's statement on Tomcat and log4j.

Updated 16 December:
ABB has some vulnerable products.
Ivanti MobileIron and others are vulnerable.
Xylem has several products for updates.
Xerox has two special statements.

Updated 17 December:
ArcGIS is vulnerable.
Microsoft has some vulnerable pieces as well.
PCVue Solutions has put out a bulletin, requires a login.
Eaton is contacting customers with vulnerable products.
Medtronic is researching.
Hitachi has some vulnerable products.
OpenSUSE has updated.
Debian has updated.


Microsoft

Patch

Microsoft has updated chromium-based Edge with the latest chromium security patches.
More info.


IBM

Patch

Multiple vulnerabilities exist in XStream, Jackson, jQuery, and Dom4j, including execution of arbitrary code, server-side request forgery, DoS, bypassing security restrictions, and deletion of arbitrary files. These affect IBM Spectrum Copy Data Management. Highest CVSSv3 score of 9.8
More info. And here.

OpenSSL vulnerabilities affect the IBM Spectrum Protect Backup-Archive Client for network connections with NetApp services. Highest CVSSv3 score of 9.8
More info.

IBM App Connect Enterprise is affected by vulnerabilities in Node.js. Highest CVSSv3 score of 9.8
More info.


  

Friday 10 December 2021


Apache

Exploit

Apache Log4j has a 0-day Remote Code Execution vulnerability in the JNDI lookup feature, with PoC exploits.  CVSSv3 score of 10.
More info. And here. And here.

F5 is researching their products. More info.
Huawei too. More info.


Hillrom

New

Hillrom Welch Allyn Cardio Products contain an authentication bypass vulnerability. This vulnerability allows the application to accept manual entry of any AD account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges. CVSSv3 score of 8.1
More info. And here.


NetApp

New

NetApp has published 6 new security bulletins identifying vulnerabilities in third-party software included in their products. No patches yet.
More info.


QNAP

Patch

A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP rates this High.
More info.


Linux

Patch

SUSE has updated the kernel. More info.


  

Thursday 09 December 2021


ForgeRock

Patch

Security vulnerabilities have been discovered in supported versions of AM. It may be possible to bypass some authentication controls and gain access to other users' session tokens, and AM is vulnerable to XSS attacks which could lead to session hijacking or phishing. ForgeRock rates this Critical.
More info.


Gryphon

New

Multiple vulnerabilities exist in the Gryphon Tower router which, when combined, could lead to unauthenticated remote command injection as root on unsuspecting user devices. Highest CVSSv3 score of 8.8
More info.


  

Wednesday 08 December 2021


Hitachi
Energy

Patch

Hitachi Energy RTU500 Series contain vulnerabilities in OpenLDAP that could cause a DoS in the affected version of the RTU500 series product. CVSSv3 score of 7.5
More info.

Hitachi Energy XMC20 and FOX61x contain vulnerabilities including Weak Password Requirements and Missing Handler. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to the Data Communication Network (DCN) routing configuration and cause a disruption to the Network Management (NMS) and Network Element (NE) communication. Highest CVSSv3 score of 9.0
More info. And here.


Fortinet

Patch

Fortinet Monthly Patches are out, with 40 new bulletins. 1 is rated Risk Level 5 (highest), 18 are rated 4, 20 are rated 3, and 1 is rated 2.
More info.

A use of hard-coded cryptographic key vulnerability [CWE 321] in FortiOS SSLVPN may allow an attacker to retrieve the key by reverse engineering. CVSSv3 score of 7.3
More info.

An integer overflow or wraparound vulnerability in FortiOS SSLVPN memory allocator may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution. CVSSv3 score of 7.7
More info.

An uncontrolled resource consumption vulnerability in FortiWeb may allow an unauthenticated attacker to cause a Denial of Service to the FortiWeb's HTTP daemon by sending a large number of crafted HTTP requests. CVSSv3 score of 7.1
More info.


Google

Patch

Google has published an update for Chrome for Desktop that includes 22 security fixes, most rated High.
More info.


Bosch

Patch

Bosch VRM and BVMS with VRM installations contain a vulnerability that allows an unauthenticated remote attacker to send a special HTTP request that causes a DoS. This crash also opens the possibility to send further unauthenticated commands to the service. CVSSv3 score of 9.1
Other vulnerabilities are also listed.
More info.


Xerox

Patch

Xerox AltaLink products have been updated for several vulnerabilities. Highest CVSSv3 score of 7.5
More info. And here.


SonicWall

Patch

SonicWall has verified and patched vulnerabilities of critical and medium severity, including a RCE vulnerability, in SMA 100 series appliances. Highest CVSSv3 score of 9.8
More info.


Mozilla

Patch

Mozilla has published bulletins for Firefox, Firefox ESR, and Thunderbird that contain vulnerabilities rated High and lower.
More info.


Linux

Patch

SUSE has updated the kernel. More info.


  

Tuesday 07 December 2021


Google

Patch

Google has published the Monthly Patches for Android, with 23 vulnerabilities plus the Qualcomm patches.  Three are rated Critical, with 2 providing RCE.
More info.

Google Pixel Monthly Patches are out as well, with 85 vulnerabilities plus the Android and Qualcomm patches.  Five are rated High, all the rest are Moderate.
More info.


Samsung

Patch

Samsung Monthly Patches are out, with 18 vulnerabilities plus the Google Android monthly patches. At least 2 are rated Critical.
More info.


ABB

Patch

ABB has published an update for RobotWare 7 that resolves a missing authentication vulnerability. The vulnerability could lead to an attacker reading and modifying files on the OmniCore controller if the attacker has access to the Connected Services Gateway Ethernet port. CVSSv3 score of 9.8
More info.


Zoho

Exploit

An authentication bypass vulnerability was recently identified in ManageEngine Desktop Central that could result in remote code execution. Exploits have been seen in the wild.
More info.


QNAP

Exploit

A bitcoin miner has been reported to target QNAP NAS. Once a NAS is infected, CPU usage becomes unusually high where a process named "[oom_reaper]" could occupy around 50% of the total CPU usage. QNAP is investigating.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Monday 06 December 2021


Qualcomm

Patch

Qualcomm Monthly Patches are out, with 3 vulnerabilities rated Critical, 19 rated High, and 2 rated Moderate.  Three vulnerabilities can be exploited by a remote, unauthenticated attacker.  Highest CVSSv3 score of 9.8
More info.


IBM

Patch

A security vulnerability in Node.js vm2 module affects IBM Cloud Automation Manager, which could allow a remote attacker to execute arbitrary code on the system.  CVSSv3 score of 9.8
More info.

IBM Event Streams is affected by a vulnerability in Golang which may result in a buffer overflow allowing a remote attacker to execute arbitrary code on the system. CVSSv3 score of 9.8
More info.


Dell

Patch

Dell has published a security update for vulnerabilities in third-party software included in EMC PowerFlex Rack. Dell rates this Critical.
More info.


F5

Patch

F5 has published updates for NGINX ModSecurity WAF. An attacker using specifically formatted JSON messages can cause high resource utilization and potentially DoS. CVSSv3 score of 5.3
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Mageia has updated the kernel. More info.


  

Friday 03 December 2021


WebHMI

Patch

Distributed Data Systems WebHMI contains an Authentication Bypass by Primary Weakness vulnerability, and an Unrestricted Upload of File with Dangerous Type vulnerability.  Highest CVSSv3 score of 10.
More info.


Hitachi

Patch

Hitachi Energy is aware of a vulnerability in the RTU500 series. An attacker could exploit this vulnerability only on RTU500 series in which BCI IEC 60870-5-104 is configured and enabled by project configuration. An attacker could cause the product to reboot. CVSSv3 score of 7.5
More info.

Hitachi Energy is aware of vulnerabilities in OpenSSL and libxml2 used in the RTU500 series. An attacker who successfully exploited this vulnerability could eavesdrop on the traffic, retrieve information from memory, or cause a DoS.  Highest CVSSv3 score of 8.6
More info.


IBM

Patch

Security vulnerabilities in third party software have been addressed in IBM Cognos Analytics. Highest CVSSv3 score of 9.8
More info.

In response to a security issue with BMC's IPMI LAN+ interface, a new Power System firmware update is being released. CVSSv3 score of 10.
More info.

Multiple vulnerabilities in VMware vCenter plugins affect IBM Cloud Pak System. CVSSv3 score of 9.8
More info.


NetApp

New

NetApp has published 5 new bulletins for vulnerabilities in third-party software included in their products.  No patches yet.
More info.


Linux

Patch

CentOS has updated the kernel. More info.


  

Thursday 02 December 2021


Mozilla

Patch

NSS is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Mozilla rates this Critical.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Mageia has updated systemd, glibc, and others. More info.


  

Wednesday 01 December 2021


Xylem

Patch

A vulnerability exists that could allow an unauthenticated attacker to invoke queries to manipulate the Aanderaa GeoView database server. CVSSv3 score of 8.2
More info. And here.


Moxa

New

Multiple product vulnerabilities were identified in Moxa’s ioPAC 8500 Series and ioPAC 8600 Series rugged modular programmable controllers, including RCE, cleartext transmission of sensitive information, hard-coded cryptographic key, and unprotected storage of credentials. No patches yet.
More info.


IBM

Patch

Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise. CVSSv3 score of 9.8
More info.


Linux

Patch

Red Hat has updated the kernel. More info.
Ubuntu has updated the kernel. More info.


  

Tuesday 30 November 2021


Mitsubishi
Electric

Patch

Multiple DoS vulnerabilities exist in MELSEC iQ-R/Q/L series CPU module and MELIPC series. A remote attacker may stop the program execution or Ethernet communication of the products by sending specially crafted packets. CVSSv3 score of 7.5
More info.


CODESYS

Patch

CODESYS Git lacks server certificate validation when using the HTTPS protocol. Therefore, the server connection is vulnerable to a man-in-the-middle attack. CVSSv3 score of 8.0
More info.


B&R

Patch

Number:Jack is a set of vulnerabilities in TCP/IP stacks in which ISNs are improperly generated, leaving TCP connections of a device open to attacks. B&R Vision cameras, Safe Logic, Bus Controller, and Motion components are impacted.  CVSSv3 score of 5.7
More info.


IBM

Patch

IBM Cúram Social Program Management uses the Apache Log4j libraries, for which there is a publicly known vulnerability. For this vulnerability, Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. CVSSv3 score of 9.8
More info.


  

Monday 29 November 2021


IBM

Patch

A vulnerability in IBM SDK Java affects IBM Cloud Pak System. A stack-based buffer overflow exists allowing a remote attacker to send an overly long string and execute arbitrary code on the system or cause the application to crash. CVSSv3 score of 9.8
More info.


Hitachi

Patch

Multiple vulnerabilities have been found in Hitachi Ops Center Analyzer viewpoint and Hitachi Ops Center Viewpoint. Highest CVSSv3 score of 7.5
More info.


QNAP

Patch

A command injection vulnerability and an improper authentication vulnerability have been reported to affect QNAP VS Series NVR running QVR. If exploited, these vulnerabilities allow remote attackers to run arbitrary commands and compromise the security of the system. QNAP rates these Critical and High.
More info. And here.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2021