Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur as soon as an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Monday 20 September 2021


Microsoft

Patch

Microsoft has updated the bulletin for the OMI vulnerabilities to add additional affected products to the Security Updates table. Again.
More info.


PILZ

Patch

Multiple products of PILZ utilise a third-party TCP/IP implementation - the "Niche Ethernet Stack". This TCP/IP stack contains multiple vulnerabilities. Highest CVSSv3 score of 7.5
Updates for one product, mitigations for the rest.
More info.


Xerox

Patch

Xerox Phaser, WorkCentre, and VersaLink products have been updated to correct an issue where scanning the printer with NMAP shows TCP port 3000 is open.
More info.

Xerox FreeFlow Print Server has updates for Oracle, Java, and Firefox.
More info.


NetApp

New

NetApp has published 6 new bulletins identifying vulnerabilities in third-party software that affects their products.  No patches yet.
More info.


  

Friday 17 September 2021


Microsoft

Patch

Microsoft has updated the bulletin for the OMI vulnerabilities to add additional affected products to the Security Updates table.
More info.

Microsoft has updated chromium-based Edge to include the latest updates to chromium.
More info.


Dell

Patch

Dell published a security advisory to address vulnerabilities in Dell PowerPath Windows. Exploitation of the vulnerabilities may lead to system compromise, unauthorized access to sensitive information or remote code execution. Highest CVSSv3 score of 9.8
More info.


Moxa

Patch

Moxa has published a bulletin for MGate MB3180/MB3280/MB3480 Series Protocol Gateways identifying multiple vulnerabilities that could lead to remote DoS. CVSSv3 score of 7.5
More info.

Multiple product vulnerabilities were identified in Moxa’s MXview Series. These include allowing remote connections to internal communication channels, hard-coded default passwords, RCE, information exposure, and others.
More info.


IBM

Patch

IBM API Connect has addressed vulnerabilities in Apache. Highest CVSSv3 score of 8.2
More info.


McAfee

Patch

Endpoint Security for Windows update fixes two vulnerabilities and updates the cURL library. Highest CVSSv3 score of 7.3
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Thursday 16 September 2021


Apache

Patch

When Tomcat is configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a DoS.
More info.

Apache has been updated to correct several security vulnerabilities, 1 rated High, 3 rated Moderate, and 1 rated Low. The High vulnerability allows a crafted request uri-path to cause mod_proxy to forward the request to an origin server chosen by the remote user.
More info.


Apple

Patch

A vulnerability exists in iTunes U. Processing a maliciously crafted URL may lead to arbitrary JavaScript code execution.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Wednesday 15 September 2021


Microsoft

Patch

Microsoft Monthly Patches are out with 86 vulnerabilities: 3 are Critical, 2 were previously disclosed, and one is being exploited according to Microsoft. Highest CVSSv3 score of 9.8
More info. And here. And here.

Microsoft has released security updates to address a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. CVSSv3 score of 8.8
More info.

There is a critical vulnerability in Microsoft Open Management Infrastructure which may be used for remote code execution. CVSSv3 score of 9.8.
More info.


Adobe

Patch

Adobe Monthly Patches are out with 15 bulletins, covering Acrobat and Reader, Premiere Pro, InCopy, SVG-Native-Viewer, InDesign, FrameMaker, ColdFusion, Creative Cloud Desktop, Photoshop, Photoshop Elements, Premiere Elements, Digital Editions, Genuine Service, Experience Manager, and XMP Toolkit SDK.
More info.

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address  multiple critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Highest CVSSv3 score of 8.8
More info.


Johnson Controls

Patch

Johnson Controls KT-1 door controller contains an Authentication Bypass by Capture-replay vulnerability. Successful exploitation of this vulnerability may allow replay attacks. CVSSv3 score of 8.6
More info. And here.


Citrix

Patch

A security issue has been identified in Citrix ShareFile storage zones controller which, if exploited, would allow an unauthenticated attacker to remotely compromise the storage zones controller. Citrix rates this Critical.
More info.


IBM

Patch

IBM Security Guardium has fixed multiple vulnerabilities in third-party software included in the product.  Highest CVSSv3 score of 9.9
More info.

IBM has fixed multiple vulnerabilities in ICU libraries used in IBM DataPower Gateway. Highest CVSSv3 score of 9.8
More info.

IBM has fixed multiple vulnerabilities in OpenSSL used by IBM Sterling Connect:Express for UNIX. CVSSv3 score of 9.8
More info.


  

Tuesday 14 September 2021


SAP

Patch

SAP Security Patch Day saw the release of 17 Security Notes, with 2 updates to previously released Patch Day Security Notes. Five of the Security Notes were rated Hot News, with CVSSv3 scores of 9.9 and 10.  The two updates were also Hot News patches.
More info.


Schneider Electric

Patch

Schneider Electric Monthly Patches include 4 new bulletins and 3 updated bulletins. Highest CVSSv3 score of 9.1
More info.

Schneider Electric is aware of multiple vulnerabilities in its StruxureWare Data Center Expert product that could allow a remote attacker to perform remote code execution. CVSSv3 score of 9.1
More info.

Schneider Electric is aware of multiple vulnerabilities in the web server component of the Modicon M340 PLC and the Modicon Quantum and Modicon Premium Legacy and associated communication modules. A remote attacker could disclose sensitive information or cause a DoS of the controller via the web server. CVSSv3 score of 7.5
More info.


Siemens

Patch

Monthly Patches are out for Siemens, with 21 new bulletins and 25 updated bulletins. Highest CVSSv3 score of 10.
More info.

Desigo CC, Desigo CC Compact and Cerberus DMS that use CCOM communication component hosted in IIS contain a deserialisation vulnerability that could allow an unauthenticated attacker to perform remote code execution. CVSSv3 score of 10
More info.

The Siveillance Open Interface Services (OIS) application used for integration of different subsystems to several Siemens building management systems contains a command injection vulnerability that could allow a remote unauthenticated attacker to execute code on the affected system with root privileges. CVSSv3 score of 10
More info.

The latest update for Industrial Edge fixes a vulnerability that could allow an unauthenticated attacker to change the password of any user in the system. With this an attacker could impersonate any valid user on an affected system. CVSSv3 score of 9.8
More info.

The latest update for SIPROTEC 5 relays fixes two vulnerabilities that could allow a remote attacker to cause a denial-of-service or potentially trigger a remote code execution under certain circumstances. CVSSv3 score of 9.8
More info.

A buffer overflow vulnerability in the integrated web server of multiple APOGEE and TALON automation devices could allow a remote attacker to execute arbitrary code on the devices with root privileges. CVSSv3 score of 9.8
More info.

Multiple vulnerabilities in RUGGEDCOM ROX devices have been detected, ranging from command injection to filesystem traversal. An attacker could exploit these to gain root access to the affected devices. CVSSv3 score of 8.8
More info.


Apple

0-Day

Apple has published updates for Safari, macOS, watchOS, iOS and iPadOS. Several security updates address 2 zero-day vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. One vulnerability is known to be used to install the Pegasus spyware on iPhones and Apple is aware of a report that this issue may have been actively exploited.
More info. And here.

Processing maliciously crafted web content with Safari may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
More info.

Processing a maliciously crafted PDF on Catalina, Big Sur, Apple Watch, iOS and iPadOS may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
More info. And here. And here. And here.

Processing maliciously crafted web content on Big Sur, iOS, and iPadOS may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
More info. And here.


Google

Exploit

Google has updated Chrome with 11 security fixes, two of which have been exploited in the wild.
More info.


Microsoft

Exploit

Microsoft has updated chromium-based Edge to have the latest updates from Google, including a fix for a vulnerability currently exploited in the wild.
More info.


  

Friday 10 September 2021


Microsoft

Patch

Microsoft has updated chromium-based Edge to include the latest chromium security updates.
More info. And here.


Philips

New

Philips has begun identifying their products that are affected by the Microsoft PetitPotam vulnerability.  CVSSv3 score of 7.5
More info. And here.


IBM

Patch

Security vulnerabilities have been disclosed by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Express for UNIX. CVSSv3 score of 9.8
More info.

There are multiple container environment vulnerabilities in IBM Secure Proxy. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities have been identified in Oracle Java which is shipped with IBM Intelligent Operations Center. Highest CVSSv3 score of 9.8
More info.


Dell

Patch

Dell EMC VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.


QNAP

Patch

QNAP has published 5 new bulletins, 2 rated Critical, 2 rated High, and 1 rated Medium.
More info.

A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy and security attacks.
More info.

Two stack buffer overflow vulnerabilities have been reported to affect QNAP devices running QTS, QuTS hero, and QuTScloud. If exploited, these vulnerabilities allow attackers to execute arbitrary code.
More info.

A stack buffer overflow vulnerability has been reported to affect QNAP NAS running QUSBCam2. If exploited, this vulnerability allows attackers to execute arbitrary code.
More info.

Two stack-based buffer overflow vulnerabilities have been reported to affect QNAP NAS running NVR Storage Expansion. If exploited, these vulnerabilities allow attackers to execute arbitrary code.
More info.

A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.
More info.


  

Thursday 9 September 2021


Cisco

Patch

Cisco has published 10 new bulletins, 4 rated High and 6 rated Medium.
More info.

A vulnerability in the IP SLA responder and TWAMP features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a DoS. CVSSv3 score of 8.6
More info.

A vulnerability in the implementation of the RPKI feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the BGP process to crash, resulting in a DoS. CVSSv3 score of 6.8
More info.

A vulnerability in the DHCPv4 server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a DoS. CVSSv3 score of 5.8
More info.


Palo Alto Networks

Patch

Monthly Patches for Palo Alto Networks are out.  Seven bulletins, 5 rated High, 1 rated Medium, and 1 rated Low.
More info.

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated remote attacker to access protected resources and perform unauthorized actions on the Cortex XSOAR server. CVSSv3 score of 8.1
More info.

An improper handling of exceptional conditions vulnerability exists in the PAN-OS dataplane that allows an unauthenticated remote attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts result in DoS to all PAN-OS services by restarting the device and putting it into maintenance mode. CVSSv3 score of 7.5
More info.


Zoho

Exploit

Zoho has addressed an authentication bypass vulnerability affecting the REST API URLs in ManageEngine's ADSelfService Plus that could result in RCE. This is rated Critical.
More info. And here.


NetApp

New

NetApp has published 5 new bulletins identifying security vulnerabilities in third-party software used in their products.  No patches yet.
More info.


Linux

Patch

Scientific Linux has updated the kernel. More info.
Amazon Linux 2 has updated the kernel. More info.


  

Wednesday 8 September 2021


Microsoft

Exploit

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows, and is aware of targeted attacks that attempt to exploit this vulnerability. CVSSv3 score of 8.8
No patch yet.
More info. And here.


Google

Patch

Monthly Patches for Google Android are out with 22 addressed vulnerabilities in addition to the Qualcomm monthly patches. One is rated Critical, 20 rated High, and 1 rated Moderate.
More info.

Monthly Patches are out for Google Pixel, with 2 addressed vulnerabilities in addition to the Google Android and Qualcomm monthly patches.  One is rated High and one Moderate.
More info.


Samsung

Patch

Samsung Monthly Patches are out.  Along with the Google Android patch set, there are 23 addressed vulnerabilities, 2 rated High, the rest Moderate and Low.
More info.


Mozilla

Patch

Mozilla published updates for Firefox, Firefox ESR, and Thunderbird that fix several security vulnerabilities, some rated High.
More info.


ABB

Patch

ABB is aware of vulnerabilities in EIBPORT products. An attacker who successfully exploited these vulnerabilities could access sensitive information stored inside the device and can access the device with root privileges. Highest CVSSv3 score of 9.8 
More info.


Linux

Patch

Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Mageia has updated the kernel. More info.


  

Tuesday 7 September 2021


Qualcomm

Patch

Monthly Patches are out for Qualcomm including 10 vulnerabilities, 2 rated Critical, 6 rated High, and 2 rated Medium. Highest CVSSv3 score of 9.8
More info.


Mitsubishi Electric

New

Multiple DoS vulnerabilities due to improper handling of exceptional conditions and improper input validation exist in TCP/IP protocol stack of GOT and Tension Controller. A remote attacker may cause a DoS condition of GOT and Tension Controller by sending specially crafted packets.  No patches, only mitigation.
More info.


ABB

New

ABB Base Software for SoftControl contains a security vulnerability that could allow a remote attacker to run arbitrary code. CVSSv3 score of 9.8  No patches yet.
More info.


Synology

Patch

A vulnerability allows remote attackers to bypass security constraints via a susceptible version of Photo Station. This is rated Important.
More info.


  

Friday 3 September 2021


Microsoft

Patch

Microsoft has published an update for chromium-based Edge that includes the latest security updates from Google.
More info. And here.


Advantech

Patch

Advantech WebAccess contains a Stack-based Buffer Overflow vulnerability. Successful exploitation of this vulnerability may allow remote code execution. CVSSv3 score of 9.8
More info.


IBM

Patch

Several security vulnerabilities have been fixed in IBM Security Identity Manager Virtual Appliance.  Highest CVSSv3 score of 9.9
More info.

IBM UrbanCode Deploy contains Eclipse OpenJ9, which is vulnerable to a stack-based buffer overflow. CVSSv3 score of 9.8
More info.


Dell

Patch

Dell EMC VNXe3200 Operating Environment contains remediation for multiple third-party vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical.
More info.


  

Thursday 2 September 2021


Cisco

Patch

Cisco has published 5 new bulletins, 1 rated Critical and 4 Medium.
More info.

A vulnerability in the TACACS+ AAA feature of Cisco Enterprise NFVIS could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. CVSSv3 score of 9.8
More info.


Mitsubishi Electric

New

Mitsubishi Electric reports DoS and RCE vulnerabilities in the Amazon RTOS memory allocation process. This vulnerability could allow a malicious attacker to cause a DoS condition or remotely execute arbitrary code on a target product by providing specially crafted data. Several Wi-Fi Interface and Air Conditioning products are vulnerable. CVSSv3 score of 7.7
No updates, only mitigation.
More info.


Xerox

Patch

Xerox has updated FreeFlow Print Server v9 with Oracle and Java updates, fixing multiple security vulnerabilities.
More info.

Xerox has fixed multiple vulnerabilities in AltaLink products.
More info.


NetApp

New

NetApp has published 9 new bulletins identifying security vulnerabilities in third-party software included in their products.  No patches yet.
More info.


  

Wednesday 1 September 2021


Google

Patch

Google has published an update for Chrome for Desktop that includes 27 security fixes.
More info.


Moxa

Patch

Multiple product vulnerabilities were identified in Moxa’s OnCell G3470A-LTE and WDR-3124A Series Cellular/Router, including allowing a remote attacker to achieve RCE.
Addressed CVEs span from 2006 to 2021.
More info.

Multiple product vulnerabilities were identified in Moxa’s TAP-323 Series and WAC-1001/2004 Series Railway Wireless Controllers, including allowing a remote attacker to achieve RCE.
Addressed CVEs span from 2006 to 2021.
More info.


Aruba

Patch

Aruba has released patches for ArubaOS that address multiple security vulnerabilities. Highest CVSSv3 score of 9.8
More info.

HPE has published a bulletin for their ArubaOS products.
More info.


Xerox

Patch

Xerox has updated FreeFlow Print Server v7 with Oracle and Java updates, fixing multiple security vulnerabilities.
More info.


Linux

Patch

Scientific Linux has updated libsndfile, libx11, and the kernel. More info.
CentOS has updated the kernel. More info.


  

Tuesday 31 August 2021


CODESYS

Patch

Crafted communication requests may cause a null pointer dereference in multiple CODESYS products and may result in a DoS. CVSSv3 score of 7.5
More info.

In CODESYS V3, the web server is an optional part of the CODESYS runtime system. Therefore, all CODESYS V3 runtime systems contain the CmpWebServer. Specific web server requests may have read access to private files, which may contain user IDs and password hashes. CVSSv3 score of 7.5
More info.

In CODESYS V3, the web server is an optional part of the CODESYS runtime system. Therefore, all CODESYS V3 runtime systems contain the CmpWebServer. Specific crafted requests may cause a heap-based buffer overflow. Further on this could crash the web server, lead to a DoS or may be utilized for RCE. CVSSv3 score of 9.8
More info.


WAGO

Patch

Multiple vulnerabilities were reported in WIBU-SYSTEMS Codemeter. WIBU-SYSTEMS Codemeter is installed by default during e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3) installations. CVSSv3 score of 9.1
More info.

The Web-Based Management (WBM) of WAGO's programmable logic controller (PLC) allows specially crafted requests to read and write some special parameters without authentication. CVSSv3 score of 9.8
More info.

WAGO controllers include vulnerable versions of OpenSSL. With specially crafted requests it is possible to bring the device out of operation. CVSSv3 score of 7.5
More info.


QNAP

New

An out-of-bounds read vulnerability in OpenSSL has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. If exploited, the vulnerability allows remote attackers to disclose memory data or execute a denial-of-service (DoS) attack.
More info.


Linux

Patch

Red Hat has updated kpatch, the microcode, and the kernel. More info.
Oracle Linux has updated libsndfile, libx11, and the kernel. More info.
CentOS has updated libx11 and libsndfile. More info.


  

Monday 30 August 2021


Dell

Patch

Dell has published updates for EMC SupportAssist Enterprise that contain remediation for third-party component vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this High.
More info.


Linux

Patch

Red Hat has updated libx11 and libsndfile. More info.
Alpine Linux has published a new release. More info.


  

Friday 27 August 2021


Johnson Controls

Patch

Johnson Controls CEM Systems AC2000 contains an Improper Authorization vulnerability. Under specific conditions, successful exploitation of this vulnerability could allow a remote attacker access to the system without adequate authorization. CVSSv3 score of 8.2
More info. And here.


Delta Electronics

New

Delta Electronics DIAEnergie contains several vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to retrieve passwords in cleartext, remotely execute code, cause a user to carry out an action unintentionally, or log in and use the device with administrative privileges. Highest CVSSv3 score of 9.8
More info.


Annke

Patch

Annke N48PBB (NVR) contains a Stack-based Buffer Overflow vulnerability. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker access to sensitive information and execute arbitrary code. CVSSv3 score of 9.4
More info.


OPC Foundation

Patch

OPC Foundation has published an update for a vulnerability in the Local Discovery Server (LDS) that allows remote attackers to cause a denial of service (DoS) by sending carefully crafted messages. CVSSv3 score of 7.5
More info.


NetApp

New

NetApp has published 9 new bulletins identifying security vulnerabilities in third-party software used in their products.  No patches yet.
More info.


NETGEAR

Patch

NETGEAR has released fixes for an authentication bypass security vulnerability in several product models.
More info.


  

Thursday 26 August 2021


Cisco

Patch

Cisco has released 14 new bulletins, 1 rated Critical, 6 rated High, and the rest Medium.
More info.

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files on an affected system. CVSSv3 score of 9.1
More info.

A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. CVSSv3 score of 8.6
More info.

A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. CVSSv3 score of 8.6
More info.

A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. CVSSv3 score of 8.6
More info.

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. CVSSv3 score of 8.6
More info.


Red Lion

Exploit

A vulnerability in Red Lion’s DA50A and DA70A modular gateways allows an attacker to create arbitrary connections from the subject device to hosts on both internal and external networks. This may allow unauthorized access to connected devices, or the use of the device for malicious and bandwidth-consuming activities such as the sending of unsolicited commercial email. CVSSv3 score of 8.3
This has been used in exploits already.
More info.


Atlassian

Patch

An OGNL injection vulnerability exists that would allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. CVSSv3 score of 9.8
More info.


  

Wednesday 25 August 2021


Hitachi ABB

Patch

Hitachi ABB Power Grids has published updates for FragAttack vulnerabilities in the TropOS products. An attacker could use a weakness in the Wi-Fi protocol to implement a MitM attack, snooping Wi-Fi frames and appending undetected packet fragments that could be used to spoof IP address and/or DNS information. A client connected to a TropOS Wi-Fi access point could be directed to fake websites, used to extract sensitive data. Highest CVSSv3 score of 10
More info. And here.


IBM

Patch

Vulnerabilities in IBM SDK Java Technology affect IBM Integration Bus, IBM App Connect Enterprise, and IBM Security Directory Suite. Highest CVSSv3 score of 9.8
More info. And here.

Publicly disclosed vulnerabilities in XStream affect Tivoli Netcool Configuration Manager. Highest CVSSv3 score of 9.8
More info.


HPE

Patch

Security vulnerabilities in several HPE Aruba FlexNetworking, Flexfabric, and MSR switches and routers could allow local and remote access or disclosure of information, DoS, and XSS. Highest CVSSv3 score of 7.8
More info.


F5

Patch

F5 has published 35 new security bulletins, with 13 rated High.  Highest CVSSv3 score of 9.9
More info.


VMware

Patch

Multiple vulnerabilities in VMware vRealize Operations have been patched, including an Arbitrary log-file read vulnerability, SSRF, and Broken access control leading to unauthenticated API access. Highest CVSSv3 score of 8.6.
More info.


OpenSSL

Patch

OpenSSL has published a security advisory identifying two vulnerabilities in OpenSSL, one rated High and one Moderate.
More info.


  

Tuesday 24 August 2021


Dell

Patch

Dell EMC ECS has been updated for multiple security vulnerabilities in third-party software that could be exploited by remote attackers to compromise the affected system. Dell rates this Critical.
More info.

PowerPath Management Appliance has provided updates for Tomcat security vulnerabilities that could be exploited by remote attackers to compromise the affected system. Dell rates this High. Highest CVSSv3 score of 7.5
More info.


Linux

Patch

SUSE has updated systemd. More info.
OpenSUSE has updated systemd. More info.
Red Hat has updated the microcode. More info.
Ubuntu has updated the kernel. More info.


  

Monday 23 August 2021


BD

Patch

BD has published Microsoft and third-party software updates for their products that fix known security vulnerabilities.  The products include FACSAria, Max, Accuri C6 Plus, and EpiCenter.
More info.


F-Secure

Patch

A DoS vulnerability was discovered in F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker.
More info.


Linux

Patch

Mageia has updated the kernel. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2021