Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state occurs as soon as an issue is detected, and the state drops again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly therefore increases your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely exploitable; very few local server exploits will be shown.

Friday 06 December 2019

OpenBSD

Patch

An authentication-bypass vulnerability exists in OpenBSD's authentication system: this vulnerability is remotely exploitable in smtpd, ldapd, and radiusd.
More info.


BD

New

BD integrates CylancePROTECT for certain BD products. An issue within CylancePROTECT was publicly disclosed in July. This vulnerability could allow an attacker to bypass the anti-malware component of the product, which would allow malware to run on the system. BD is currently testing the updates with their products.
More info.


IBM

Patch

IBM ToolsCenter Dynamic System Analysis (DSA) Preboot is affected by multiple vulnerabilities.
More info.

IBM DataPower Gateway contains a vulnerability in IPMI. If IPMI over LAN Is enabled, a default administrator account is also enabled.
More info.


VMware

Patch

A malicious actor with network access to port 427 on an ESXi host or on any Horizon DaaS management appliance may be able to overwrite the heap of the OpenSLP service resulting in remote code execution.  CVSSv3 of 9.8
More info.


Fortinet

Patch

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information sent and received from Fortiguard servers by decrypting these messages.
More info.


Netgear

Patch

NETGEAR has released fixes for a pre-authentication stack overflow security vulnerability on multiple product models.
More info.


Linux

Patch

SUSE has updated clamav and others.  More info.
Arch Linux has updated crypto++ and thunderbird.  More info.
RedHat has updated firefox and java.  More info.
Oracle Linux has updated firefox.  More info.
Ubuntu has updated rabbitmq.  More info.
Mageia has updated phpmyadmin, clamav, openssl, and others.  More info.


  

Thursday 05 December 2019

Netgear

Patch

Netgear has published 55 new bulletins for various products, fixing vulnerabilities that include Stored XSS, DoS, Information Disclosure, Authentication Bypass, Hardcoded Password, and Pre-Authentication Buffer Overflow.
More info.


Palo Alto

Patch

The OpenSSL library has been updated in PAN-OS to resolve a cryptographic vulnerability that under certain situations may allow a remote attacker to decrypt data by observing server responses to different types of errors.
More info.


Weidmüller

Patch

Several Weidmüller Industrial Ethernet managed switches contain multiple vulnerabilities, including credentials transmitted and stored in plaintext, predictable cookie info allowing admin compromise, and no brute-force protection.
More info.  And here.


Mozilla

Patch

Mozilla has published an update for Thunderbird that fixes several High and Moderate vulnerabilities.
More info.


Avaya

Patch

Avaya has published updates to correct the default settings of the CORS filter, which are insecure: 'supportsCredentials' is enabled for all origins, so any web origin can make credentialed cross-origin requests. Most customers will have changed the defaults, but this is rated CVSSv3 9.8, so verify rather than assume.
More info.
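The practical check for the Avaya default above is to probe the filter with an origin it should never trust and see whether the grant comes back reflected together with Access-Control-Allow-Credentials: true. The following is an added example written for this page, not Avaya's code: the two responder functions are constructed stand-ins for a server with the insecure default and for one with an allow-list, and ATTACKER_ORIGIN and ALLOWED_ORIGINS are hypothetical values.

```python
"""Added example: detect the 'credentials allowed for any origin' CORS misconfiguration.

Constructed for this page; not Avaya's code. The two responders below are stand-ins for
a server that reflects any Origin with Access-Control-Allow-Credentials: true (the insecure
default described above) and for one that uses an explicit allow-list.
"""
from dataclasses import dataclass
from typing import Callable, Dict

Responder = Callable[[str], Dict[str, str]]   # Origin header value -> response headers

# Hypothetical origin an attacker controls; used only to probe the grant.
ATTACKER_ORIGIN = "https://attacker.example"


@dataclass(frozen=True)
class CorsVerdict:
    severity: str   # "insecure", "weak" or "ok"
    reason: str


def assess_cors(request_origin: str, response_headers: Dict[str, str]) -> CorsVerdict:
    """Judge one response to a request that carried the given Origin.

    A reflected origin with credentials is only a finding when request_origin is
    one the server should not trust, so call this with a probe origin, not a real one.
    """
    h = {k.lower(): v.strip() for k, v in response_headers.items()}   # header names are case-insensitive
    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").lower() == "true"

    if acao is None:
        return CorsVerdict("ok", "no cross-origin grant in the response")
    if acao == "*":
        # Browsers refuse to pair '*' with credentials, so this exposes only
        # responses that need no session; still worth fixing.
        return CorsVerdict("weak", "wildcard origin: any site can read unauthenticated responses")
    if acao == request_origin and creds:
        return CorsVerdict("insecure",
                           f"origin {request_origin!r} reflected with credentials: "
                           "any site the victim visits can make authenticated reads")
    if acao == request_origin:
        return CorsVerdict("weak", "origin reflected without credentials")
    return CorsVerdict("ok", f"grant limited to {acao!r}")


def is_credentialed_reflection(server: Responder) -> bool:
    """The practitioner check: probe with an origin the server should never trust."""
    return assess_cors(ATTACKER_ORIGIN, server(ATTACKER_ORIGIN)).severity == "insecure"


# --- constructed responders standing in for the real filter ---------------------

def reflecting_server(origin: str) -> Dict[str, str]:
    """Mimics the insecure default: every Origin is echoed back and credentials are allowed."""
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }


ALLOWED_ORIGINS = {"https://portal.example.com"}   # hypothetical allow-list


def allowlisting_server(origin: str) -> Dict[str, str]:
    """Corrected behaviour: credentials only for origins on an explicit list."""
    if origin in ALLOWED_ORIGINS:
        return {
            "Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true",
            "Vary": "Origin",
        }
    return {"Vary": "Origin"}   # no CORS grant at all for unknown origins


if __name__ == "__main__":
    for name, srv in (("reflecting", reflecting_server), ("allow-list", allowlisting_server)):
        v = assess_cors(ATTACKER_ORIGIN, srv(ATTACKER_ORIGIN))
        print(f"{name:10s} {v.severity:8s} {v.reason}")
```

Against a live system, replace the responder with a function that sends a request carrying the probe Origin header and returns the response headers; a response that echoes the probe origin alongside Access-Control-Allow-Credentials: true means the default has not been changed.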

Avaya has also updated the underlying RedHat OS to correct several security vulnerabilities.
More info.


Wireshark

Patch

It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
More info.


NetApp

New

NetApp has published a bulletin outlining vulnerabilities in the Linux kernel used in their products.  No fixes yet.
More info.


Linux

Patch

Oracle Linux has updated the microcode.  More info.
Ubuntu has updated squid and haproxy.  More info.


  

Wednesday 04 December 2019

Johnson Controls

Patch

Johnson Controls has reported on four vulnerabilities impacting the Flexera FlexNet Publisher licensing manager which is installed with and used by the Software House C•CURE 9000 application. Vulnerabilities that could be exploited by remote attackers include DoS and RCE.
More info.


Dell

New

Dell has published a bulletin outlining the TCP SACK vulnerabilities in the EMC Enterprise Hybrid Cloud product. No patches yet, only workarounds.
More info.


Huawei

Patch

Huawei has published 14 new bulletins, covering DoS, OOB read, improper authorization, RCE, and other vulnerabilities in several products.
More info.


Mozilla

Patch

Mozilla has patched several High and Moderate vulnerabilities in Firefox and Firefox ESR, some resulting in a potentially exploitable crash.
More info.


Linux

Patch

OpenSUSE has updated haproxy.  More info.
Arch Linux has updated firefox.  More info.
CentOS has updated the kernel.  More info.
Scientific Linux has updated tcpdump and others.  More info.


  

Tuesday 03 December 2019

Google

Patch

Google has published their Monthly Patches for Android.  21 vulnerabilities are addressed, plus Qualcomm vulnerabilities.  Three are rated Critical, 16 are rated High.
More info.

Google has also published the Monthly Patches bulletin for Pixel.  Eight security vulnerabilities, one rated Critical, one rated High, the rest Moderate.
More info.


Hitachi

Patch

Hitachi has published updates to correct multiple vulnerabilities in Cosminexus HTTP Server.
More info.


Fronius

Patch

The Fronius solar inverter series is prone to several application-level vulnerabilities. Besides unencrypted HTTP communication, other issues such as path traversal and outdated software were identified in the firmware of the devices. A backdoor user was found on the device; its password changes every day but can be predicted when the algorithm is known. The vendor automatically performed a fleet update of the solar inverters in the field in order to patch them. Nevertheless, as not all devices could be reached through such an update, all remaining users are advised to install the patches provided by the vendor immediately.
More info.


Linux

Patch

RedHat has updated the kernel, python-jinja2, and others.  More info.
Ubuntu has updated the kernel.  More info.


  

Monday 02 December 2019

Moxa

New

Multiple product vulnerabilities were identified in Moxa’s AWK-3121 Series Industrial AP/Bridge/Client, including Command Injection, XSS, buffer overflow, HTTP default, open wifi, telnet, improper access control, and XSRF.  Product is EOS, no fixes.
More info.


Qualcomm

Patch

Qualcomm Monthly Patches for December are out.  Three vulnerabilities are rated Critical, seven are High, and one is Medium.  Vulnerabilities include information exposure, buffer overread, buffer overflow, improper access control, DoS, and others.
More info.


Novell

Patch

An update for Privileged Account Manager 3.6 patches an Intel CPU vulnerability.
More info.


Linux

Patch

SUSE has updated haproxy and python django.  More info.
OpenSUSE has updated clamav, strongswan, cpio, phpmyadmin, and others.  More info.
Ubuntu has updated sqlite.  More info.
Mageia has updated chromium, glibc, libssh, curl, and others.  More info.


  

Friday 29 November 2019

Fortinet

Patch

Fortinet has reported on TCP Sack vulnerabilities in the linux OS versions used in several products. Patches for some, workarounds for others.
More info.


Linux

Patch

SUSE has updated ucode-intel and others.  More info.
Debian has updated libvpx.  More info.
Ubuntu has updated psutil.  More info.


  

Thursday 28 November 2019

Dräger

Patch

All versions of the Dräger SC Monitoring product line are affected by a DoS vulnerability, in which a malformed network packet may cause the monitor to reboot, and by plain-text credentials in source code.  This product line has been EOS since Dec. 2011.
More info.


QNAP

Patch

Several vulnerabilities in QTS and Photo Station allow remote attackers to modify files or run arbitrary code.
More info.

A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an attacker to inject and execute scripts on the administrator console.
More info.

Several vulnerabilities in QTS, Video Station and Music Station allow remote attackers to access system files or execute XSS attacks.
More info.


BlackBerry

Patch

BlackBerry has published the November bulletin for BlackBerry powered by Android.
More info.


PHP

Patch

The latest update of PHP includes security fixes for heap buffer overflow in exif, an underflow in FPM that can lead to RCE, as well as lots of bug fixes.
More info.


Linux

Patch

SUSE has updated java.  More info.
Debian has updated haproxy.  More info.
Oracle Linux has updated tcpdump.  More info.
Ubuntu has updated nss.  More info.


  

Wednesday 27 November 2019

F5

Patch

An attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow will be able to set up the proxy the same way and intercept the traffic, allowing the attacker to impersonate the BIG-IP ASM Central Policy Builder and send corrupted or incorrect suggestion data to the BIG-IQ/Enterprise Manager/F5 iWorkflow. This may lead to incorrect policy building suggestions or a partial denial-of-service (DoS).
More info.

Under certain conditions, the Traffic Management Microkernel (TMM) may consume excessive resources when processing traffic for a virtual server with the FIX (Financial Information eXchange) profile applied resulting in DoS.
More info.

BIG-IP APM ignores the Restrict to Single Client IP option for Native RDP resources. An unauthorized client machine can launch an RDP session to a back-end resource server in an APM session.
More info.

When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM).
More info.

Undisclosed traffic flow may cause the TMM to restart under some circumstances, allowing a remote attacker to cause a DoS. This issue occurs on multi-blade chassis.
More info.

Resource starvation due to a memory leak may cause the TMM to restart, leading to DoS or failover in a high availability (HA) environment.
More info.

When BIG-IP ASM Bot Detection is configured, a malicious actor may be able to inject invalid DNS responses that will be cached indefinitely; as a result, bots that would normally be classified as legitimate may be classified as malicious.
More info.


TP-Link

Patch

TP-LINK TL-WR841N routers contain a flaw within the web service that listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute arbitrary code as the admin user.
More info.


Symantec

Patch

Symantec Critical System Protection (CSP) may be susceptible to an authentication bypass vulnerability. CVSSv3 of 9.4
More info.


IBM

Patch

IBM QRadar Network Packet Capture is vulnerable to several flaws in OpenSSL and Python.
More info.


HP

Patch

HP has identified an issue affecting VNC session security within HP Device Manager that could potentially be leveraged to create unauthorized connections.
More info.


NetApp

New

NetApp has published three bulletins documenting vulnerabilities in third-party software.  No fixes yet.
More info.


Xerox

Patch

Xerox has updated several FreeFlow Print Server models with the October Oracle CPU.
More info.


Linux

Patch

Ubuntu has updated thunderbird, ruby, and redmine.  More info.


  

Tuesday 26 November 2019

F5

Patch

BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts specific engineering hotfixes.  CVSSv3 of 9.8
More info.

F5 BIG-IP and SSL Orchestrator products contain vulnerable versions of Node.js.  The Node.js inspector is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution.
More info.


Meinberg

Patch

In affected LANTIME versions, the RSA, DSA and ED25519 keys were not created during initial generation of the SSH keys on first startup or when restoring factory settings. As a result, these keys were left at default values, which theoretically allows attackers to set up man-in-the-middle attacks. There are also updates to correct third-party software vulnerabilities.
More info.
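A fleet of devices that kept factory-default SSH host keys is easy to spot from the outside: every unit presents the same public key, so the same fingerprint turns up on several hosts. The following is an added example written for this page, not Meinberg's code. It reads ssh-keyscan style output ("host keytype base64-blob"), computes the SHA256 fingerprint the way ssh-keygen -l does, and reports fingerprints shared across hosts; the hostnames and key blobs in SAMPLE_SCAN are constructed and are not real keys.

```python
"""Added example: find SSH host keys shared by several devices, the symptom of keys left at
factory defaults. Constructed for this page; not Meinberg's code. Input is in ssh-keyscan
output format ("host keytype base64-blob"); the blobs below are made-up bytes, not real keys.
"""
import base64
import hashlib
from collections import defaultdict
from typing import Dict, List, Set, Tuple


def openssh_fingerprint(blob_b64: str) -> str:
    """SHA256 fingerprint as ssh-keygen -l prints it: base64 of SHA-256 over the raw blob, '=' padding removed."""
    raw = base64.b64decode(blob_b64)
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_keyscan(text: str) -> List[Tuple[str, str, str]]:
    """Return (host, keytype, blob) for each ssh-keyscan style line; comments, blanks and short lines are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) < 3:
            continue
        host, keytype, blob = parts[:3]
        entries.append((host, keytype, blob))
    return entries


def find_shared_host_keys(text: str) -> Dict[str, List[str]]:
    """Map each fingerprint seen on more than one distinct host to the sorted list of hosts presenting it."""
    by_fp: Dict[str, Set[str]] = defaultdict(set)
    for host, _keytype, blob in parse_keyscan(text):
        by_fp[openssh_fingerprint(blob)].add(host)
    return {fp: sorted(hosts) for fp, hosts in by_fp.items() if len(hosts) > 1}


def fake_blob(label: bytes) -> str:
    """Constructed stand-in for a public key blob (not a valid key), used only to build the sample."""
    return base64.b64encode(b"constructed-" + label).decode()


# Constructed sample: ntp1 and ntp2 present the same ed25519 key, ntp3 has its own.
SAMPLE_SCAN = f"""
# constructed ssh-keyscan output; these are not real keys
ntp1.example.net ssh-ed25519 {fake_blob(b"default-ed25519")}
ntp2.example.net ssh-ed25519 {fake_blob(b"default-ed25519")}
ntp3.example.net ssh-ed25519 {fake_blob(b"unique-ed25519")}
ntp1.example.net ssh-rsa {fake_blob(b"unique-rsa")}
"""

if __name__ == "__main__":
    for fp, hosts in find_shared_host_keys(SAMPLE_SCAN).items():
        print(f"{fp} shared by {', '.join(hosts)}")
```

In practice, feed the output of ssh-keyscan run against every unit of the same model into find_shared_host_keys; a fingerprint that appears on more than one device means the key is not unique to that device and should be regenerated (and the stale entries removed from known_hosts) after applying the vendor update.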


Linux

Patch

SUSE has updated mailman, libssh, sqlite, clamav, strongswan, and others.  More info.
RedHat has updated the kernel and python jinja.  More info.


  

Monday 25 November 2019

Dell

Patch

Dell EMC Storage Monitoring and Reporting contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host.
More info.


Kaspersky

Patch

Kaspersky Lab has fixed a security issue in Kaspersky Password Manager that could potentially lead to remote unauthorized access by third parties to information about address items stored in the vault while it is in the unlocked state.
More info.

Kaspersky has fixed several security problems in Anti-Virus products family for Windows, including multiple Bypass vulnerabilities, DoS, and Information Disclosure.
More info.


Linux

Patch

OpenSUSE has updated haproxy, apache perl, java, and others.  More info.
RedHat has updated sdl, chromium, python, and others.  More info.
Oracle Linux has updated php, the kernel, sudo, and others.  More info.
Debian has updated chromium.  More info.
Gentoo Linux has updated firefox, chromium, flash, and others.  More info.
Amazon Linux updated python.  More info.
Amazon Linux 2 has updated the kernel, python, ntp, and rsyslog.  More info.


  

Friday 22 November 2019

Flexera

Patch

Flexera has published an update for FlexNet Publisher.  Because the message reading function calls itself recursively given a certain condition in the received message, an unauthenticated remote attacker can repeatedly send messages of that type to cause a stack exhaustion condition.
More info.

A Denial of Service vulnerability related to command handling has been identified in FlexNet Publisher. The message reading function used in lmadmin.exe can, given a certain message, call itself again and then wait for a further message. With a particular flag set in the original message, but no second message received, the function eventually returns an unexpected value which leads to an exception being thrown. The end result can be process termination.
More info.


Dell

Patch

Dell has published an update for RSA NetWitness Logs and Network Security for multiple third party component vulnerabilities.
More info.


Xerox

Patch

Xerox has published three new bulletins that address third-party software updates in several FreeFlow Print Server models.
More info.


Asterisk

Patch

A SIP request can be sent to Asterisk that can change a SIP peer’s IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer’s name; authentication details such as passwords do not need to be known.
More info.

If Asterisk receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a crash will occur.
More info.


QNAP

Patch

Three vulnerabilities are reported to affect all versions of Helpdesk, Music Station, and File Station. An improper access control vulnerability in Helpdesk allows attackers to access the system logs. A command injection vulnerability in Music Station allows attackers to execute commands on the affected device. A command injection vulnerability in File Station allows attackers to execute commands on the affected device.
More info.


NetApp

New

NetApp has published five new bulletins for third party software vulnerabilities in their products.
More info.


Linux

Patch

OpenSUSE has updated chromium and squid.  More info.


  

Thursday 21 November 2019

ClamAV

Patch

A Denial-of-Service (DoS) vulnerability may occur when scanning a specially crafted email file as a result of excessively long scan times.
More info.


IBM

Patch

IBM Cloud Pak System (formerly IBM PureApplication System) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
More info.

XStream as used by IBM QRadar SIEM is vulnerable to OS command injection.
More info.


NetApp

Patch

ONTAP Select Deploy administration utility is susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. CVSSv3 of 10.
More info.


Cisco

Patch

Cisco has published 14 new bulletins and updated 2 bulletins.  All the new bulletins are rated Medium, the 2 updated bulletins are rated High.
More info.


Huawei

Patch

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information through a large number of attempts. Successful exploitation may cause an information leak.
More info.


BIND

Patch

On a server with TCP-pipelining capability, it is possible for one TCP client to send a large number of DNS requests over a single connection. Each outstanding query will be handled internally as an independent client request, thus bypassing the new TCP clients limit.
More info.


Linux

Patch

SUSE has updated the kernel and python-ecdsa.  More info.
OpenSUSE has updated chromium and others.  More info.
Oracle Linux has updated the kernel, glibc, and openssl.  More info.
Ubuntu has updated bind and mariadb.  More info.


  

Wednesday 20 November 2019

CODESYS

Patch

The CODESYS web server is used by the CODESYS WebVisu to display CODESYS visualization screens in a web browser. Specific crafted requests may cause a heap-based buffer overflow, which could crash the web server, lead to a denial-of-service condition or may be utilized for remote code execution.  CVSSv3 of 10.
More info.


Flexera

Patch

Bulletins for vulnerabilities patched in FlexNet Publisher in April are making the rounds.  Note that one of the vulnerabilities is CVSSv3 9.8, RCE, so if you haven't updated, you should.
More info.


Moxa

Patch

A DoS vulnerability using PROFINET DCE-RPC endpoint discovery packets was identified in Moxa’s EDS-G508E, EDS-512E, and EDS-516E Series Ethernet Switches.
More info.

An improper sanitization vulnerability was identified in Moxa’s EDR-810 Series Secure Routers. A specially crafted HTTP POST could possibly trigger arbitrary command injection.
More info.


Microsoft

Patch

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim. The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.
More info.


Fortiguard

Patch

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information.
More info.

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key.
More info.


Linux

Patch

Mageia has updated mariadb, the kernel, the microcode, clamav, and others.  More info.


  

Tuesday 19 November 2019

IBM

Patch

IBM WebSphere Application Server Liberty contains a vulnerability resulting in improper handling of request headers, which can affect IBM Spectrum Protect Operations Center. A remote attacker could exploit this vulnerability to cause excessive memory consumption.
More info.

Two vulnerabilities in curl affect PowerSC. An integer overflow in curl's URL API results in a buffer overflow and a heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution.
More info.


Micro Focus

New

A potential vulnerability has been identified in Operations Agent. The vulnerability could be exploited to perform an XXE attack on Operations Agent.
More info.


Chrome

Patch

Google has released an update for Chrome for Desktop that fixes 5 security issues.
More info.


Linux

Patch

SUSE has updated java and others.  More info.
RedHat has updated the kernel-rt.  More info.


  

Monday 18 November 2019

Linux

Patch

SUSE has updated the microcode, enigmail, and others.  More info.
OpenSUSE has updated the microcode and go.  More info.
Debian has updated mosquitto and thunderbird.  More info.
Ubuntu has updated mysql and python-ecdsa.  More info.
Amazon Linux and Amazon Linux 2 have updated the microcode.  More info.


  

Friday 15 November 2019

Omron

Patch

Omron CX-Supervisor ships with Teamviewer. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit. Successful exploitation of this vulnerability could result in information disclosure, total compromise of the system, and system unavailability.
More info.


McAfee

Patch

McAfee has patched OpenSSL SSL 3.0 issues in their products.  The CVEs date from 2014.
More info.


F5

Patch

When the BIG-IP APM system processes certain requests, the apd/apmd process may consume excessive resources, resulting in DoS.
More info.

On BIG-IP systems the default management port firewall rules are not reliably reinstalled after first boot. As a result, the management port may be exposed to traffic on unauthorized ports.
More info.

The BIG-IP / BIG-IQ / Enterprise Manager / F5 iWorkflow Configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack.
More info.

iControl REST logs a plaintext password when the syntax of a cURL request is incorrect. Disclosure of the BIG-IP system's device password can lead to other exploits.
More info.
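If a REST service echoes a malformed command line into its logs, the password is now sitting in a file that is routinely collected, forwarded and backed up, so the follow-up is to find and redact it, not only to patch. The following is an added example written for this page, not F5's code; the log line formats in SAMPLE_LOG are constructed assumptions about how such a leak might look, not the real restjavad format, and the credential values are made up.

```python
"""Added example: scan service logs for credentials echoed from malformed cURL invocations.

Constructed for this page; not F5's code. The line formats below are assumptions about how
such a leak might appear in a log, not the real iControl REST log format.
"""
import base64
import binascii
import re
from typing import Dict, List

# Three ways a credential can end up inside a logged command line or request:
CURL_USER = re.compile(r"(?P<flag>--user|-u)[ =](?P<user>[^:\s'\"]+):(?P<pw>[^\s'\"]+)")
URL_USERINFO = re.compile(r"(?P<scheme>https?://)(?P<user>[^:/@\s]+):(?P<pw>[^@\s]+)@")
BASIC_AUTH = re.compile(r"Authorization:\s*Basic\s+(?P<b64>[A-Za-z0-9+/=]+)")


def find_leaked_credentials(lines: List[str]) -> List[Dict[str, object]]:
    """Report (line number, kind, username) for every credential found; the secret itself is never returned."""
    findings: List[Dict[str, object]] = []
    for n, line in enumerate(lines, 1):
        for kind, rx in (("curl -u", CURL_USER), ("url userinfo", URL_USERINFO)):
            for m in rx.finditer(line):
                findings.append({"line": n, "kind": kind, "user": m.group("user")})
        for m in BASIC_AUTH.finditer(line):
            try:
                user = base64.b64decode(m.group("b64")).decode().split(":", 1)[0]
            except (binascii.Error, UnicodeDecodeError):
                user = "?"   # not decodable as user:password; still report the header
            findings.append({"line": n, "kind": "basic auth", "user": user})
    return findings


def redact(line: str) -> str:
    """Return the line with every secret replaced, keeping the username so the event stays attributable."""
    line = CURL_USER.sub(r"\g<flag> \g<user>:[REDACTED]", line)
    line = URL_USERINFO.sub(r"\g<scheme>\g<user>:[REDACTED]@", line)
    line = BASIC_AUTH.sub("Authorization: Basic [REDACTED]", line)
    return line


PW = "Pa55w0rd"   # constructed secret used only in the sample below

# Constructed sample log; only the first line is clean.
SAMPLE_LOG = [
    "2019-11-15 10:00:01 INFO  rest: GET /mgmt/tm/sys/version 200",
    f"2019-11-15 10:00:02 WARN  rest: malformed request; raw cmd: curl -sk -u admin:{PW} https://localhost/mgmt/tm/ltm/virtual",
    f"2019-11-15 10:00:03 WARN  rest: unparsable header block: Authorization: Basic {base64.b64encode(f'admin:{PW}'.encode()).decode()}",
    f"2019-11-15 10:00:04 WARN  rest: bad url https://svc:{PW}@localhost/mgmt/shared/authz/users",
]

if __name__ == "__main__":
    for f in find_leaked_credentials(SAMPLE_LOG):
        print(f"line {f['line']}: {f['kind']} credential for user {f['user']!r}")
    for line in SAMPLE_LOG:
        print(redact(line))
```

Run the finder over the collected log files (and over anything the log shipper already forwarded); every user reported is a credential to rotate, and the redacted copy is what should remain in storage.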

Undisclosed HTTP requests may consume excessive amounts of system resources, which may cause a denial-of-service (DoS). The affected BIG-IP system enters into a loop with the Traffic Management Microkernel (TMM) process handling the restarted request. The BIG-IP system fails over in a high availability (HA) environment, which results in an interruption in traffic processing.
More info.

BIG-IP virtual servers with TLS 1.3 enabled may experience a denial-of-service (DoS) due to undisclosed incoming messages.
More info.


Fortiguard

Patch

Multiple integer overflow and out of bounds read/write vulnerabilities in the SSL VPN web-mode SSH client may allow an unauthenticated attacker to cause the SSL VPN user session to break (Denial of service) and possibly to run arbitrary code via specially crafted packets sent from a malicious SSH server.
More info.


Huawei

Patch

Some Huawei home routers have an input validation vulnerability and an improper authorization vulnerability. An attacker can obtain files in the device and upload files to some directories, and execute uploaded malicious files and escalate privilege.
More info.

There is an improper access control vulnerability in Huawei Share. The software does not properly restrict access to certain files from certain applications. An attacker tricks the user into installing a malicious application and then establishing a connection to the attacker through Huawei Share; successful exploitation could cause information disclosure.
More info.


Linux

Patch

SUSE has updated squid, bash, and the kernel.  More info.
CentOS has updated the kernel, microcode, thunderbird, and others.  More info.
Oracle Linux has updated the kernel.  More info.
Debian has updated postgresql and ghostscript.  More info.
Ubuntu has updated postgresql and ghostscript.  More info.
Scientific Linux has updated the kernel and ghostscript.  More info.
Amazon Linux 2 has updated openssl and others.  More info.


  

Thursday 14 November 2019

Dell

Patch

Dell has published a security bulletin rated Critical.  Oracle JRE within Dell EMC Storage Monitoring and Reporting requires a security update to address various vulnerabilities.
More info.


Xerox

Patch

Xerox has published updates that apply the October Microsoft updates and Java and Firefox updates to the FreeFlow Print Server.
More info.


F5

New

An attacker can use Function inside of vulnerable versions of lodash to execute malicious code using the Traffic Management User Interface (TMUI) or iControl REST API.
More info.


Synology

Patch

A vulnerability allows remote attackers to conduct denial-of-service attacks via a susceptible version of Synology Assistant.
More info.


Linux

Patch

SUSE has updated the kernel and microcode.  More info.
OpenSUSE has updated the kernel, microcode, and others.  More info.
Arch Linux has updated the microcode.  More info.
RedHat has updated the kernel.  More info.
CentOS has updated the kernel, microcode, thunderbird, and others.  More info.
Oracle Linux has updated the kernel.  More info.
Debian has updated the kernel, microcode, and others.  More info.
Scientific Linux has updated the kernel.  More info.


  

Wednesday 13 November 2019

Microsoft

Patch

Microsoft Monthly Patches are out.  There are 74 items in total, including two advisories. 14 of the vulnerabilities are rated Critical. Two vulnerabilities had been disclosed prior to today, and one Critical scripting engine vulnerability that may lead to RCE has already been exploited in the wild.
More info.  And here.  And here.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.  This is actively being exploited.
More info.


Adobe

Patch

Adobe Monthly Patches are out.  Adobe has released security updates to address vulnerabilities in Animate CC 2019, Illustrator CC, Media Encoder, and Bridge CC. An attacker could exploit some of these vulnerabilities to take control of an affected system.
More info.


Intel

Patch

Intel has published 18 bulletins, two rated Critical and eight rated High.
More info.

Potential security vulnerabilities in Intel Baseboard Management Controller (BMC) firmware may allow escalation of privilege, denial of service and/or information disclosure.
More info.

Potential security vulnerabilities in Intel CSME, Intel SPS, Intel TXE, Intel AMT, Intel PTT, and Intel DAL may allow escalation of privilege, denial of service or information disclosure.
More info.

Lenovo has published updates for the Intel vulnerabilities.  More info.
Supermicro has published updates.  More info.
HP has published updates.  More info.
Dell has published updates.  More info.
FreeBSD has updated for two Intel vulnerabilities.  More info.
Citrix has updated.  More info.
Xen has updated.  More info.
NetApp has published eight bulletins.  More info.


Philips

New

Philips has become aware of a potential issue with inadequate encryption strength associated with the Philips IntelliBridge EC40 and EC80 Hub. Successful exploitation of this issue may allow an unauthorized user access to the hub, and may allow access to execute software, modify system configuration, or view/update files, including unidentifiable patient data.
More info.


McAfee

Patch

An ePolicy Orchestrator update fixes multiple Java vulnerabilities that can allow Information Exposure, DoS, and Information Modification.
More info.

Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity.
More info.


F5

New

Traffix SDC is vulnerable to issues in libpcap.
More info.


Linux

Patch

SUSE has updated the kernel, python, dhcp, and others.  More info.
Arch Linux has updated the kernel and others.  More info.
RedHat has updated the kernel.  More info.
Oracle Linux has updated the kernel.  More info.
Ubuntu has updated the kernel and others.  More info.


  

Tuesday 12 November 2019

SAP

Patch

SAP Monthly Patches are out.  There are 12 new security notes and three updated ones.  All of the updated notes are rated Hot News, one new bulletin is rated Hot News, one is High, the rest are Medium.  Three bulletins address missing authorization vulnerabilities.
More info.


Siemens

New

Siemens Monthly Patches are out.  There are three new bulletins, and five updated bulletins.  Several of the updates include patches to previously reported vulnerabilities.
More info.

The latest update for Desigo PXC devices fixes a vulnerability that could allow unauthenticated remote users to cause a denial of service condition on the PX Web interface (HTTP, port tcp/80) of a device.
More info.


Schneider

Patch

Schneider Electric has published Monthly Patches, with two new bulletins and six updated bulletins.  The two new bulletins address XSS in Andover Continuum and Information Exposure in Modicon Controllers.  New bulletins are not yet available on the site.
More info.


F5

New

F5 has identified that their products are vulnerable to recent issues patched in tcpdump.  No fixes yet.
More info.


  

Monday 11 November 2019

Squid

Patch

Multiple vulnerabilities have been published for squid, including HTTP response splitting, DoS, and RCE.
More info.


Gemalto

New

Thales/Gemalto Product Security Team has investigated recently reported vulnerabilities in Sentinel LDK License Manager.
More info.


IBM

Patch

IBM QRadar SIEM is vulnerable to multiple kernel and Eclipse Jetty vulnerabilities.
More info.  And here.


Linux

Patch

SUSE has updated libssh, apache, and others.  More info.
OpenSUSE has updated php, firefox, thunderbird, python, and others.  More info.
Arch Linux has updated the kernel and squid.  More info.
Debian has updated chromium.  More info.
Ubuntu has updated bash. More info.


  

Friday 8 November 2019

Medtronic

Patch

Medtronic Valleylab FT10 and FX8 products use multiple sets of hard-coded credentials, reversible one-way hash, and a vulnerable version of the rssh utility.  Patches for FT10 are available.
More info.  And here.


Mitsubishi

Patch

Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series CPU Modules contain a security vulnerability that would allow a remote attacker to cause a DoS through the FTP service.
More info.


Chrome

Patch

Google has released an update for Chrome for Desktop containing 4 security fixes.
More info.


Honeywell

Patch

Honeywell MAXPRO VMS contains two vulnerabilities that can allow Unauthenticated RCE via unsafe binary deserialization and Unauthenticated Remote arbitrary SQL command execution.
More info.


Hitachi

Patch

Hitachi has published security bulletins for Cosminexus HTTP Server, Hitachi Command Suite, and Hitachi Infrastructure Analytics Advisor.
More info.


Linux

Patch

SUSE has updated thunderbird, gdb, and others.  More info.
Gentoo Linux has updated openssl, openssh, and others.  More info.
Mageia has updated chromium, thunderbird, firefox, python, proftpd, and others.  More info.
Scientific Linux has updated thunderbird.  More info.


  

Thursday 7 November 2019

Cisco

Patch

Cisco has published 16 bulletins for their products: 8 rated High, 6 Medium, and 2 Informational.
More info.

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system.
More info.

Multiple vulnerabilities in the video service of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
More info.

Cisco firmware for Cisco RV320 and RV325 Dual Gigabit WAN VPN Routers and RV016, RV042, RV042G, and RV082 Routers is affected by static certificates and keys, hardcoded password hashes, and multiple vulnerabilities in third-party software components.
More info.  And here.


Moxa

Patch

Moxa has reported vulnerabilities in EDS-405A Series Ethernet Switches that could allow an attacker to cause a DoS.
More info.


NetApp

New

NetApp has published five bulletins documenting third-party software vulnerabilities in their products. No patches.
More info.


Linux

Patch

SUSE has updated libssh and php.  More info.
OpenSUSE has updated chromium.  More info.
Arch Linux has updated squid and the kernel.  More info.
RedHat has updated chromium, thunderbird, sudo, and others.  More info.
Scientific Linux has updated sudo.  More info.
Amazon Linux has updated subversion and docker.  More info.
Amazon Linux 2 has updated dovecot, samba, and others.  More info.


  

Wednesday 6 November 2019

Omron

Patch

Omron CX-Supervisor uses a vulnerable version of TeamViewer.  Successful exploitation could result in information disclosure, total compromise of the system, and system unavailability.
More info.

Omron has released an updated version of Network Configurator for DeviceNet Safety to address a previously reported vulnerability.
More info.


Linux

Patch

SUSE has updated samba, libssh, and others.  More info.
OpenSUSE has updated php, python, the kernel, and others.  More info.
RedHat has updated php, python, and others.  More info.
Debian has updated proftpd.  More info.
Ubuntu has updated nokogiri, haproxy, and others.  More info.


  

Tuesday 5 November 2019

Qualcomm

Patch

Qualcomm has published their monthly patches, with 13 fixed vulnerabilities.  Five are marked Critical, six are High, the other two are Medium.  Six have an attack vector of Remote.
More info.


Google

Patch

Google has published their Monthly Patches for Android.  There are 27 vulnerability fixes plus the Qualcomm patches.  Three are rated Critical, four allow RCE.
More info.

They have also released the Monthly Patches for Pixel, with 19 fixed vulnerabilities, with one allowing RCE.
More info.


Brocade

Patch

Brocade has published seven new bulletins for their SANnav product, covering MitM, weak encryption, hardcoded passwords and more.  Highest CVSSv3 score is 7.5.
More info.


F5

New

All F5 products are vulnerable to a DoS vulnerability in tcpdump.  When tcpdump is active and configured to parse FRF.16 traffic, certain traffic patterns may trigger a crash or other unexpected behavior of the tcpdump process.
More info.


Tenable

Patch

Tenable has published a standalone PHP patch for Tenable.sc.
More info.


Linux

Patch

SUSE has updated samba and python-ecdsa.  More info.
Arch Linux has updated electron and samba. More info.
Debian has updated webkit2gtk.  More info.


  

Monday 4 November 2019

ABB

Exploit

ABB is aware of public reports of a vulnerability in Power Generation Information Manager and Plant Connect. An attacker who exploits this vulnerability can bypass authentication and extract the user credentials used within the application. CVSSv3 score of 9.8.
Note this statement: "In some cases, end users have used the same usernames and passwords for Windows login. In such instances, if an unauthorized user extracts credentials for PGIM and Plant Connect, then they would also be in possession of Windows credentials, potentially compromising the security of the Domain."

An updated product, Symphony Plus Historian, is available that resolves the publicly reported vulnerabilities.
More info.


Xerox

Patch

Multiple security vulnerabilities have been fixed in Xerox AltaLink products.
More info.


QNAP

Exploit

The QSnatch malware is reportedly being used to target QNAP NAS devices. QNAP has added rules to remove the QSnatch malware and released Malware Remover 3.5.4.0 and 4.5.4.0.
More info.


Linux

Patch

OpenSUSE has updated chromium.  More info.
Arch Linux has updated chromium, ghostscript, python, glibc, and others. More info.
CentOS has updated php, firefox, nss, and others.  More info.
Scientific Linux has updated firefox and php.  More info.
Amazon Linux and Amazon Linux 2 have updated php.  More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2019