Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat.  Any increase in an alert state will occur immediately an issue is detected and it will drop again by one level each working day

Our rationale for this agility is that vulnerabilities often occur in clusters, therefore reducing the alert state again quickly, will increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable, very few local server exploits will be shown.

Friday 20 September 2019

Apple

Patch

Apple has published iOS 13, Safari 13, and watchOS 6 on the security bulletins page, but no details are available at the moment.
More info.


Xerox

Patch

Xerox has published updates for the B1022/B1025 product lines that fixes the VxWorks Urgent/11 vulnerabilities.
More info.


F5

Patch

F5 BIG-IP ASM may expose sensitive information and allow the system configuration to be modified when using non-default settings. The vulnerability is only present in certain rare configurations on multi-bladed systems (VIPRION) with BIG-IP ASM provisioned. A malicious actor may be able to connect to the affected interface to extract and/or modify sensitive information on the system.
More info.


QNAP

Patch

Multiple vulnerabilities have been reported to affect versions of QTS and Photo Station. If exploited, these vulnerabilities may allow an attacker to access or modify paths and files used in system operations, or execute arbitrary code on the system and gain unauthorized access to data.
More info.

A reported buffer overflow vulnerability may affect the noip2 utility found in QNAP NAS devices running QTS. If exploited, the vulnerability could allow attackers to run arbitrary code on the NAS.
More info.


NetApp

New

NetApp has published five security bulletins addressing vulnerabilities in third-party software included in their products.
More info.


Linux

Patch

SUSE has updated python pieces and openssl.  More info.
RedHat has updated the kernel and dovecot.  More info.
Oracle Linux has updated nginx, thunderbird, and patch.  More info.
Debian has updated php and others.  More info.


  

Thursday 19 September 2019

Chrome

Patch

The Stable channel has been updated for Windows, Mac, and Linux. This update includes 4 security fixes, one rated Critical and three rated High.
More info.


Cisco

Patch

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device.
More info.

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device.
More info.


WAGO

Patch

WAGO Series PFC100/PFC200 contain an Information Disclosure vulnerability that allows a remote attacker to check paths and file names that are used in filesystem operations.
More info.


Dell/EMC

Patch

Multiple components within Dell EMC Data Protection Central require a security update to address various vulnerabilities.  Dell rates this bulletin Critical.
More info.


Huawei

Patch

There is an improper authentication vulnerability in some Huawei CloudEngine products. Due to the improper implementation of authentication, an attacker could exploit this vulnerability by connecting to the affected products and run a series of commands.
More info.


Shibboleth

Patch

A SAML AuthnRequest with certain content, combined with non-default settings or SAML metadata explicitly resulting in a response including a "persistent" NameID, can bypass the intended controls and disclose a pairwise value meant for a different relying party.
More info.


Linux

Patch

SUSE has updated python, openssl, and libreoffice.  More info.
OpenSUSE has updated chromium.  More info.
CentOS has updated httpd, firefox, and others.  More info.
Ubuntu has updated tomcat and others.  More info.
Amazon Linux has updated the kernel, php, and others.  More info.


  

Wednesday 18 September 2019

Honeywell

Patch

Honeywell has published three new bulletins for their security cameras, covering DoS, Replay Attack, and Unauthenticated Access to Audio vulnerabilities.
More info.


Advantech

Patch

Advantech has published a patch that fixes a previously reported unauthenticated remote stack overflow vulnerability as well as code injection, RCE, and improper authorization vulnerabilities.  CVSSv3 is 9.8.
More info.


Dräger

Patch

Several security vulnerabilities have been discovered in the Dräger Infinity Acute Care System and the Standalone Infinity M540 patient monitors which may cause the device to reboot and/or lose functionality. Information disclosure, DDoS, and device setting modifications are possible.
More info.


TIBCO

Patch

TIBCO Enterprise Runtime for R Server exposes a RCE vulnerability. This vulnerability allows an attacker to gain full control of the operating system account hosting the affected component. In addition to the information flowing through the system, the exposed information might include secrets necessary to issue trusted requests to other TIBCO Spotfire servers. CVSSv3 of 10
More info.

TIBCO Enterprise Runtime for R Server Running On Linux With Containerized TERR Service is vulnerable To RCE. This vulnerability allows an attacker to gain full control of the operating system account hosting the affected component. In addition to the information flowing through the system, the exposed information might include secrets necessary to issue trusted requests to other TIBCO Spotfire servers. CVSSv3 of 9.9.
More info.


Fortinet

Patch

Some models of FortiAnalyzer and FortiManager have a default setting of "Failover", for remote IPMI access; this means that if no cable is plugged in the IPMI port, the IPMI implementation will request an IP address on the regular LAN port of the device, via DHCP requests, making the IPMI interface network accessible. This presents an operational risk, as this default behavior may not be known or understood by administrators of the device; the latter risk is more important if the default IPMI admin passwords have not been changed.
More info.


Linux

Patch

SUSE has updated openssl, firefox, openldap, python, and others.  More info.
OpenSUSE has updated curl.  More info.
CentOS has updated firefox and the kernel.  More info.


  

Tuesday 17 September 2019

VMware

Patch

VMware has multiple vulnerabilities, including plain-text logging of credentials when creating virtual machines.
More info.


Linux

Patch

SUSE has updated django and curl.  More info.
OpenSUSE has updated samba and others.  More info.
RedHat has updated nginx and qpid-proton.  More info.
Oracle Linux has updated thunderbird.  More info.
Ubuntu has updated exim.  More info.


  

Monday 16 September 2019

Simjacker

New

Simjacker is a vulnerability currently being actively exploited by a specific private company that works with governments to monitor individuals. The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands. During the attack, the user is completely unaware that they received the attack, that information was retrieved, and that it was successfully exfiltrated.  Simjacker has been further exploited to perform many other types of attacks against individuals and mobile operators such as fraud, scam calls, information leakage, denial of service and espionage.
More info.


Thunderbird

Patch

Mozilla has patched seven vulnerabilities, six rated High, in Thunderbird.
More info.


OpenBSD

Patch

OpenBSD has patched libexpat, which contains a heap overflow vulnerability.
More info.


Linux

Patch

OpenSUSE has updated go, python, and others.  More info.
RedHat has updated thunderbird.  More info.
Debian has updated thunderbird.  More info.
Ubuntu has updated wireshark.  More info.
Mageia has updated wireshark, openldap, and others.  More info.


  

Friday 13 September 2019

Avaya

New

Avaya has issued 15 security bulletins for RedHat OS vulnerabilities, listing the products that are based on RHEL.
More info.


Citrix

Patch

Multiple denial of service vulnerabilities have been identified in the Citrix SD-WAN Appliance and Citrix SD-WAN Center Management Console. These vulnerabilities could permit a remote attacker to cause a denial of service by causing a host crash or by causing reduced service capacity due to resource exhaustion.
More info.


Linux

Patch

SUSE has updated curl, python, and others.  More info.
Oracle Linux updated the kernel and others.  More info.
Ubuntu has updated curl, expat, and others.  More info.
Mageia has updated flash, thunderbird, firefox, squid, the kernel, and others.  More info.


  

Thursday 12 September 2019

Philips

New

The Philips WLAN Module in IntelliVue Monitors contains a security vulnerability. An attacker with access to the device’s local area network can cause potential corruption of the WLAN firmware and data flow. Should there be an interruption an inoperative device alert on the device and on its associated central station would appear.
More info.


Bosch

Patch

A recently discovered security vulnerability affects Access Professional Edition (APE) installations. An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation.
More info.

A recently discovered hard-coded credentials security vulnerability affects Access Professional Edition (APE) installations. The vulnerability can be used to achieve unauthorized access to sensitive data of the APE system. This could enable a potential attacker to get unauthorized access to the site.  CVSSv3 score of 9.9
More info.


CODESYS

Patch

A specific crafted request may cause a stack-based buffer overflow and could therefore execute arbitrary code on the CODESYS ENI server or lead to a denial-of-service condition due to a crash in the CODESYS ENI server.  CVSSv3 score of 10.
More info.


Wireshark

Patch

It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
More info.


TrendMicro

Patch

Trend Micro has released updates for Deep Security and Vulnerability Protection that resolves a vulnerability related to XML External Entitiy (XXE) attacks.
More info.


Dell/RSA

Patch

RSA BSAFE Crypto-C Micro Edition and RSA BSAFE Micro Edition Suite updates contain multiple security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system.
More info.


Linux

Patch

RedHat has updated flash, nginx, and others.  More info.
Oracle Linux updated the kernel and firefox.  More info.


  

Wednesday 11 September 2019 - Never Forget

Chrome

Patch

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights
More info.


ICS

Patch

Delta Electronics TPEditor contains multiple vulnerabilities.  These vulnerabilities can be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code.
More info.

OSIsoft PI SQL Client contains a security vulnerability in a third-party component that could allow an attacker to remotely execute code on the client computer with the same permissions as the PI SQL Client user.
More info.

An unauthenticated, remote stack overflow vulnerability was identified in Advantech WebAccess/SCADA.
More info.


F5

New

BIG-IP products contain a vulnerable version of wireshark.  An attacker can leverage this issue to stop the affected application and deny service to legitimate users.
More info.


Avaya

Patch

Avaya one-X Client Enablement Services is built on RHEL6, which contains a vulnerable version of Firefox.
More info.


NetApp

New

NetApp has published four new bulletins covering vulnerabilities in third-party software.
More info.

OnCommand Workflow Automation shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
More info.


Linux

Patch

OpenSUSE has updated nginx and others.  More info.
RedHat has updated firefox, the kernel, and others.  More info.
Ubuntu has updated curl, tomcat, and others.  More info.


  

Tuesday 10 September 2019 - Part 2

Microsoft

Patch

Microsoft Monthly Patches are out, with updates for Microsoft Windows, Internet Explorer, Microsoft Edge, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, Adobe Flash Player, Microsoft Lync, Visual Studio, Microsoft Exchange Server, .NET Framework, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.  There are 80 vulnerabilities, with 18 rated Critical, 3 publicly disclosed, and 2 exploited.  28 allow RCE.
More info.  And here.  And here.


Adobe

Patch

Adobe Monthly Patches are out.  There are bulletins for Flash Player and Application Manager.
More info.

Adobe has released security updates for Flash Player for Windows, macOS, Linux and Chrome OS.  Successful exploitation could lead to arbitrary code execution in the context of the current user.
More info.

Adobe has released a security update for the Application Manager installer for Windows.  This update resolves an insecure library loading vulnerability in the installer that could lead to Arbitrary Code Execution.
More info.


OpenSSL

Patch

OpenSSL has published a security update to fix a vulnerability that would allow an attacker with the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto, which may result in full key recovery during an ECDSA signature operation.
More info.


  

Tuesday 10 September 2019

Eaton

Patch

Eaton is aware of potential vulnerabilities in the Intelligent Power Protector (IPP) software.  No further information was provided.
More info.


Siemens

Patch

Today is Siemens Monthly Patch Day.  There are seven new and three updated bulletins.
More info.

Siemens has evaluated DejaBlue in their Healthineer products, and published a list of affected products and remediation or expected patch dates.
More info.

RUGGEDCOM WIN70xx and WIN72xx Base Stations are affected by the VxWorks vulnerabilities published as Urgent/11.  Workaround published for now.
More info.

There is a XSS vulnerability in IE/WSN-PA Link WirelessHART Gateway. Only a workaround is provided.
More info.

A vulnerability could allow an attacker to cause a Denial-of-Service condition on the UDP communicationby sending a specially crafted UDP packet to the SIMATIC TDC CP51M1 module.  This one is patched.
More info.

Multiple Siemens products are vulnerable to TCP SACK PANIC.  Some patches, more coming.
More info.

The latest update for SINEMA Remote Connect Server fixes four vulnerabilities in the web interface.Two of the vulnerabilities are missing protection mechanisms for password guessing and for Cross SiteRequest Forgery attacks, the third one is a missing authentication check, and the fourth one could allowan attacker with administrative privileges to obtain a device password hash.
More info.


Schneider
Electric

Patch

Schneider Electric Monthly Patches are out, with two new and two updated bulletins.
More info.

Schneider Electric is aware of multiple vulnerabilities in its U.motion din rail and touch panel servers.
More info.

Schneider Electric is aware of a vulnerability in its Modicon Quantum 140 NOE771x1 controllers.  An Improper Check for Unusual or Exceptional Conditions vulnerability exists, which could cause a DoS condition.
More info.


SAP

Patch

It's SAP Monthly Patch Day, with 10 new and three updated bulletins.  One new bulletin and the three updates are rated Hot News, one rated High, the rest Medium and Low.
More info.


Linux

Patch

SUSE updated java.  More info.
OpenSUSE has updated opera.  More info.
RedHat has updated bind, the kernel, firefox, and others.  More info.
Oracle Linux has updated the kernel.  More info.
Ubuntu has updated python and memcached.  More info.
Amazon Linux has updated exim.  More info.
Mageia has updated sqllite, java, poppler, php, irssi, tomcat, dovecot, python, and others.  More info.


  

Monday 9 September 2019

Xerox

Patch

Xerox has released updates for WorkCentre to fix the Wind River VxWorks vulnerabilities.
More info.


MicroFocus

Patch

A potential vulnerability has been identified in Service Manager. An HTTP cookie vulnerability could be exploited to allow access to sensitive data in client-side.
More info.


Hitachi

Patch

Multiple vulnerabilities have been found in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor, including DoS and Information disclosure.
More info.


Apache

Patch

The Traffic Ops API component of the Apache Traffic Control project is vulnerable to improper authentication when LDAP is enabled. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user's correct password.
More info.


Huawei

Patch

There are version downgrade vulnerabilities on smartphones and HiSuite. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
More info.


LibreOffice

Patch

LibreOffice has updated to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step.
More info.

A Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym.
More info.


Linux

Patch

SUSE updated python pieces, apache, postgresql, mariadb, and others.  More info.
OpenSUSE has updated chromium, exim, and others.  More info.
Arch Linux has updated exim.  More info.
Ubuntu has updated exim.  More info.
Gentoo Linux has updated perl, apache, pango, exim, and others.  More info.
Mageia has updated sqllite, java, poppler, php, irssi, tomcat, dovecot, python, and others.  More info.


  

Friday 6 September 2019

NETGEAR

Patch

NETGEAR has published seven new security bulletins.  Two are Pre-Authentication vulnerabilities, four are for Information Disclosure vulnerabilities, and one is Security Misconfiguration.
More info.


Exim

Patch

If your Exim server accepts TLS connections, a local or remote attacker can execute programs with root privileges. This does not depend on the TLS libray, so both, GnuTLS and OpenSSL are affected. The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake. The exploit exists as a POC.
More info.


Symantec

New

Symantec Network Protection products using affected versions of the Linux kernel are susceptible to multiple vulnerabilities. A remote attacker can cause denial of service through resource exhaustion and memory corruption.
More info.

Symantec Network Protection products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. An attacker can recover DSA, ECDH, and ECDSA private keys through timing side-channel attacks. A remote attacker can also decrypt encrypted ciphertext and modify OpenSSL configuration and executable engine modules.
More info.


BD

Patch

BD Pyxis, a medication management platform, contains a vulnerability where existing access privileges are not restricted in coordination with the expiration of access based on active directory user account changes when the device is joined to an AD domain.  Note that these devices should not be joined to an AD domain.
More info.  And here.


RedLion

Patch

Red Lion Controls Crimson software contains multiple vulnerabilities, including Use After Free, Improper Restriction of Operations within the Bounds of a Memory Buffer, Pointer Issues, and Use of Hard-coded Cryptographic Key.
More info.  And here.


Dell/EMC

Patch

Dell has published updates for EMC Cloud Tiering Appliance and Cloud Tiering Appliance Virtual Edition that correct security vulnerabilities in third-party software.
More info.


MicroFocus

Patch

A vulnerability in a Kubernetes component used by Micro Focus CDF platform could be exploited to allow unauthorized modification of data and Denial of Service. The out-of-the-box configuration of the Kubernetes component is actually not vulnerable, but because customers may run custom commands, Micro Focus has issued a security bulletin.
More info.


NetApp

New

NetApp has published three bulletins regarding vulnerabilities in third-party software in their products.
More info.


Asterisk

Patch

Asterisk has published two new security bulletins, covering DoS vulnerabilities that could cause the Asterisk server to crash.
More info.  And here.


Linux

Patch

SUSE updated python pieces, nginx, and others.  More info.
Oracle Linux has updated firefox, the kernel, and ghostscript.  More info.
Debian has updated firefox and exim.  More info.


  

Thursday 5 September 2019

NETGEAR

Patch

NETGEAR has published 40 new security bulletins.  Six are Pre-Authentication vulnerabilities, while 26 are for Post-Authentication vulnerabilities.  Stored XSS, DoS, and SQL Injection make up the remaining bulletins.
More info.


Dell

Patch

Data Protection Central contains an Improper Certificate chain of trust vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to be able to impersonate a valid system to compromise the integrity of data.
More info.

The Oracle database components in RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance require a security update to address various vulnerabilities.
More info.


Xerox

Patch

Xerox has updated Oracle, Java, and Firefox in their FreeFlow Print Servers.
More info.  And here.


F-Secure

Patch

A vulnerability was discovered in the web user interface of the F-Secure Security and F-Secure Email and Server Security product. The authentication on the web user interface can be bypassed which will grant administrator privileges of the product.  This issue and a Proof-of-Concept exploit was reported privately to F-Secure.  Default configuration only allows localhost access.
More info.


NetApp

New

NetApp has published three bulletins regarding vulnerabilities in third-party software in their products.
More info.


Cisco

Patch

Cisco has published eight bulletins, 2 rated High, 5 Medium, and 1 Informational.
More info.

A vulnerability in the “plug-and-play” services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
More info.

A vulnerability in the Cisco Webex Teams client for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system.An attacker could exploit this vulnerability by convincing a targeted user to visit a website designed to submit malicious input to the affected application.
More info.


Linux

Patch

SUSE updated java, python, and the kernel.  More info.
RedHat has updated firefox, chromium, and others.  More info.
Ubuntu has updated firefox, and irssi.  More info.


  

Wednesday 4 September 2019

Android

Patch

Google has published the Android Monthly Patches bulletin.  There are 35 addressed vulnerabilities, plus Qualcomm.  Two of the vulnerabilities are rated Critical and allow RCE, the rest are rated High.
More info.

The Pixel Monthly bulletin addresses 46 vulnerabilities.  Two are rated High, the rest Moderate.
More info.


Qualcomm

Patch

Qualcomm Monthly Patches are out, with 13 vulnerabilities, 2 rated Critical, the rest rated High.
More info.


Firefox

Patch

Mozilla has fixed multiple security vulnerabilities in the latest releases of Firefox and Firefox ESR.
More info.  And here.  And here.

Tor has released a new version with security fixes to Firefox included.
More info.


CA

Patch

CA Common Services, in the Distributed Intelligence Architecture (DIA) component, contains a vulnerability that can allow a remote attacker to execute arbitrary code.
More info.


EZAutomation

Patch

In EZAutomation EZ Touch Editor and EZ PLC Editor an attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application. 
More info.  And here.


Aruba

Patch

Aruba has released updates to ArubaOS that address serious vulnerabilities present in some versions running on the Aruba Mobility Controller. An attacker could use these vulnerabilities to execute arbitrary code on the underlying operating system with full system privileges.
More info.


Linux

Patch

SUSE updated php, java, and others.  More info.
OpenSUSE has updated postgresql and others.  More info.
Arch Linux has updated firefox and webkit2gtk.  More info.
RedHat has updated the kernel and others.  More info.
Oracle Linux has updated squid and others.  More info.


  

Tuesday 3 September 2019

SuperMicro

New

A group of vulnerabilities named "USBAnywhere," leverages several newly discovered vulnerabilities in the firmware of BMC controllers that could let an unauthorized, remote attacker connect to a Supermicro server and virtually mount malicious USB device.
More info.


Linux

Patch

SUSE updated php and others.  More info.
OpenSUSE has updated go, apache, libreoffice, and others.  More info.
Ubuntu has updated the kernel.  More info.


  

Monday 2 September 2019

IBM

Patch

IBM is reporting new software versions for the Vyatta 5600 vRouter correcting multiple vulnerabilities.  Highest CVSSv3 is 9.8
More info.  And here.


CheckPoint

Patch

In a rare scenario, R80.30 Security Gateway managed by R80.30 Security Management crashes when Threat Prevention Forensics feature is enabled.
More info.

Check Point Endpoint Security Initial Client for Windows tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed.
More info.


Linux

Patch

SUSE updated the the kernel and perl, django, and others.  More info.
RedHat has updated squid, java, and others.  More info.
Debian has updated nghttp2.  More info.
Gentoo Linux has updated dovecot and others.  More info.
Mageia has updated webmin, pango, python, memcached, and others.  More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

 This bottom descriptor is used with Indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2019