Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat.  Any increase in an alert state will occur immediately an issue is detected and it will drop again by one level each working day

Our rationale for this agility is that vulnerabilities often occur in clusters, therefore reducing the alert state again quickly, will increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable, very few local server exploits will be shown.

Wednesday 5 August 2020


IBM

Patch

Network Performance Insight has vulnerabilities in included third-party software. CVSSv3 scores of 9.8
More info. And here. And here.

IBM Cloud Pak for Integration is affected by multiple Node.js vulnerabilities.  Highest CVSSv3 score of 9.8
More info.


Linux

Patch

A vulnerability was found in Red Hat CloudForms which allows malicious attacker to impersonate any user. An attacker can even create non-existent user with any entitlement in the appliance and performing an API request.  CVSSv3 score of 9.9
More info.

SUSE has updated xen, firefox, the kernel, and others.  More info.
OpenSUSE has updated opera, firefox, and others.  More info.
RedHat has updated python, dbus, postgresql, and others.  More info.
Ubuntu has updated tomcat, libssh, and others. More info.
Scientific Linux has updated postgresql.  More info.


  

Tuesday 4 August 2020


Qualcomm

Patch

Qualcomm's monthly bulletin is out, with 10 Critical vulnerability patches and 31 rated High.  Twelve have an access vector of Remote.
More info.


Google

Patch

Google has published the Android monthly bulletin.  There are 23 CVEs addressed, all rated High, plus the Qualcomm vulnerabilities.
More info.

Google Pixel montly bulletin is out, with one CVE rated High, in addition to the Qualcomm and Android vulnerabilities.
More info.


Samsung

Patch

Samsung's monthly bulletin is out, with Google's Android patches and 39 additional vulnerabilities, with four issues rated High.
More info.


IBM

Patch

A vulnerability in OpenSSH may affect IBM Spectrum Protect Plus. CVSSv3 score of 9.8
More info.

Rsyslog is vulnerable to heap-based buffer overflows which may affect IBM Spectrum Protect Plus. CVSSv3 score of 9.8
More info.

Node.js is vulnerable to buffer overflows, bypass of security restrictions, and denial of service which may affect IBM Spectrum Protect Plus. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities affect IBM Jazz Team Server and IBM Jazz Team Server based Applications.  Highest CVSSv3 score of 9.8
More info.


Linux

Patch

SUSE has updated the kernel.  More info.
RedHat has updated python, dbus, postgresql, and others.  More info.
Oracle Linux has updated postgresql.  More info.
Ubuntu has updated sqlite, squid, and others. More info.
Scientific Linux has updated libvncserver and firefox.  More info.


  

Monday 3 August 2020


NETGEAR

Patch

NETGEAR has released a fix for a pre-authentication command injection security vulnerability in the R8300 Wireless NightHawk Routers. CVSSv3 score of 9.6, attack vector of Adjacent.
More info.


ABB

New

ABB has published a security advisory (as opposed to the previously published security notification) outlining products vulnerable to Ripple20.  No patches, just a list of vulnerable products.
More info.


Linux

Patch

SUSE has updated the kernel, firefox, and others.  More info.
Arch Linux has updated libjcat, mbedtls, and one other.  More info.
RedHat has updated libvncserver, bind, grub2 (to fix the broken parts) and others.  More info.
Gentoo Linux has updated thunderbird, python, and others.  More info.
Debian has updated thunderbird.  More info.
Mageia has updated freerdp, thunderbird, java, and others.  More info.


  

Friday 31 July 2020


Inductive
Automation

Patch

Inductive Automation has published an update for Ignition 8 that corrects a Missing Authorization vulnerability. An HTTP request to the unprotected API could be used to determine whether an arbitrary file path exists on the filesystem. No authentication is required to perform this exploit. CVSSv3 score of 7.5
More info.


Yokogawa

Patch

Vulnerabilities have been found in CAMS for HIS of CENTUM. These vulnerabilities may allow a remote unauthenticated attacker to create or overwrite any file, run any commands. CVSSv3 score of 8.1
More info.


Rockwell
Automation

Patch

A vulnerability exists in FactoryTalk Services Platform that prevents user passwords from being hashed properly. A successful exploit could allow a remote, unauthenticated attacker to create new users in the FactoryTalk Services Platform administration console, allowing the attacker to modify or delete configuration and application data in other FactoryTalk software connected to FactoryTalk Services Platform. CVSSv3 score of 10
More info.


Microsoft

Patch

Microsoft has updated chromium-based Edge for the latest chromium updates.
More info.


Apple

Patch

Apple has published an update for iTunes for Windows that includes several security fixes.
More info.


NetApp

New

NetApp has published eight new bulletins identifying vulnerabilities in third-party software included in NetApp products.
More info.


Linux

Patch

Several Linux flavors have pushed out patches to "Boothole", that breaks boot.  Take a look, delay updates.
More info.

Oracle Linux has updated the firefox.  More info.
Ubuntu has updated the kernel.  More info.
Scientific Linux has updated the kernel, grub2, and firefox.  More info.


  

Thursday 30 July 2020


Cisco

Patch

Cisco has published ten new security bulletins, and three updated bulletins.  Two new bulletins and two updated bulletins are rated Critical, five new bulletins are rated High, the rest are Medium or Informational.
More info.

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user. CVSSv3 score of 9.8
More info.

A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) due to installations sharing a static encryption key that could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges. CVSSv3 score of 9.8
More info.

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system. CVSSv3 score of 9.9 even though it requires Local privileges.
More info.


Mitsubishi
Electric

Patch

Mitsubishi Electric has published three new bulletins, outlining multiple FA product vulnerabilities that a malicious attacker could use to execute arbitrary code, obtain information, tamper the information, cause a DoS.
More info.


Dell

Patch

Multiple components within Dell EMC VxRail Appliance require a security update to address various vulnerabilities.  Dell rates this Critical.
More info.

Multiple components within Dell EMC SRS Virtual Edition require a security update to address various vulnerabilities.  Dell rates this Critical.
More info.


Grandstream

New

Grandstream ATA HT800 Series contains multiple vulnerabilities, including remote DoS and an SSH backdoor to root.  No fixes. Highest CVSSv3 score of 10.
More info.


Linux

Patch

All Linux (and Microsoft) flavors are vulnerable to "Boothole", a problem with the GRUB2 boot loader, even with Secure Boot.  Linux flavors are coming out with updates.
More info.

SUSE has updated grub2. More info.
OpenSUSE has updated tomcat and knot.  More info.
Arch Linux has updated libjcat and mbedtls.  More info.
RedHat has updated firefox, the kernel, and grub2. More info.
CentOS has updated the kernel, grub2, and others.  More info.
Oracle Linux has updated the kernel, grub2, and postgresql.  More info.
Debian has updated firefox-esr, grub2, and xrdp.  More info.
Ubuntu has updated firefox and grub2.  More info.
Gentoo Linux has updated chromium and firefox.  More info.
Amazon Linux has updated tomcat, mysql, python, openvpn, and others.  More info.


  

Wednesday 29 July 2020


Secomea

Patch

Secomea has published a new version of GateManager, a VPN server, to correct several security vulnerabilities, including Improper Neutralization of Null Byte or NUL Character, Off-by-one Error, Use of Hard-coded Credentials, Use of Password Hash with Insufficient Computational Effort. Successful exploitation of these vulnerabilities could allow a remote attacker to gain remote code execution on the device. Highest CVSSv3 score of 10.
More info. And here. CISA advisory here.  And an article about the risks to the oil and gas industry.


Softing

Patch

Softing Industrial Automation has provided an update for OPC that corrects two vulnerabilities, including a Heap-based Buffer Overflow and Uncontrolled Resource Consumption. Successful exploitation of these vulnerabilities could crash the device being accessed. A buffer-overflow condition may also allow remote code execution. Highest CVSSv3 score of 9.8
More info.


SICK

Patch

SICK has released a new version of the SICK Package Analytics software to correct multiple security vulnerabilities. Successful exploitation of these vulnerabilities could allow an unauthorized remote attacker to read and write the configuration of the software, read data directly from the file system and view passwords in plain text. Highest CVSSv3 score of 9.1
More info.


Mozilla

Patch

Mozilla has published updates for Firefox, Firefox ESR, Firefox for iOS, and Thunderbird that fixes several security vulnerabilities.
More info.


Adobe

Patch

Adobe has released updates for Magento Commerce 2 and Magento Open Source 2. These updates resolve vulnerabilities rated Important and Critical. Successful exploitation could lead to arbitrary code execution and signature verification bypass.
More info.


NETGEAR

Patch

NETGEAR has published updates for pre-authentication stack overflow, buffer overflow, and command injection in R6700v3 routers.  Highest CVSSv3 score of 8.8
More info. And here. And here.


Linux

Patch

SUSE has updated freerdp, samba, and others. More info.
RedHat has updated postgresql and others.  More info.
Ubuntu has updated the mysql and sympa.  More info.


  

Tuesday 28 July 2020


Google

Patch

Google has published a new version of Chrome for the Desktop with eight security fixes, 6 rated High.  The most severe of these could allow for arbitrary code execution.
More info.


Dell

Patch

Dell EMC OpenManage Server Administrator (OMSA) contains multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station.
More info.


Linux

Patch

SUSE has updated python bits. More info.
OpenSUSE has updated tomcat, cacti, go, and others.  More info.
Debian has updated openjdk and qemu.  More info.
Ubuntu has updated the kernel, clamav, sqlite, and others.  More info.


  

Monday 27 July 2020


Hitachi

Patch

Cosminexus has updates for Java and XML vulnerabilities.
More info.


Linux

Patch

SUSE has updated tomcat, mailman, and others. More info.
OpenSUSE has updated cacti, the kernel, go, and others.  More info.
Oracle Linux has updated the kernel and others.  More info.
Ubuntu has updated the kernel.  More info.
Gentoo Linux has updated 57 packages, something for everyone.  More info.


  

Friday 24 July 2020


Cisco

Exploit

Cisco has updated their bulletin to identify active exploitation of a vulnerability in the web services interface of Cisco ASA Software and Cisco FTD Software reported yesterday.
More info.


NetApp

New

NetApp has published seven new security bulletins outlining vulnerabilities in third-party software included in NetApp products.  No patches yet.
More info.


ZTE

Patch

The server management software module of ZTE products has an authentication issue vulnerability, which allows users to skip the authentication of the server and execute some commands for high-level users. CVSSv3 score of 8.5
More info.


Linux

Patch

SUSE has updated the kernel, freerdp, and others. More info.
OpenSUSE has updated tomcat and others.  More info.


  

Thursday 23 July 2020


Cisco

Patch

A vulnerability in the web services interface of Cisco ASA Software and Cisco FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device.
More info.


CODESYS

Patch

Specifically crafted requests sent to the CODESYS Control runtime system can allocate arbitrary amounts of memory, causing the system to run out of memory and possibly crash. CVSSv3 score of 8.6
More info.


Artica

Patch

Artica Proxy Community Edition allows SQL Injection via the input fields Netmask,Hostname and Alias field.
More info.


Linux

Patch

SUSE has updated java and qemu. More info.
OpenSUSE has updated firefox and others.  More info.
RedHat has updated thorntail and samba.  More info.
Oracle Linux has updated thunderbird and others.  More info.
Debian has updated squid. More info.
Ubuntu has updated python, the kernel, and others.  More info.


  

Wednesday 22 July 2020


Adobe

Patch

Adobe has published updates to resolve an Important vulnerability in Adobe Bridge, and Critical vulnerabilities in Adobe Photoshop, Adobe Prelude and Adobe Reader Mobile. Exploitation of these vulnerabilities could result in information disclosure and arbitrary code execution.
More info.


Linux

Patch

OpenSUSE has updated libvncserver and openconnect.  More info.
RedHat has updated java, nodejs, and others.  More info.
Ubuntu has updated the kernel.  More info.
Scientific Linux has updated java.  More info.


  

Tuesday 21 July 2020


MicroFocus

Patch

The latest version of NetIQ Self Service Password Reset resolves a potential XSS vulnerability.
More info. And here.


IBM

Patch

WML CE component Tensorflow has been updated to correct vulnerabilities in SQLite. Highest CVSSv3 score of 9.8
More info. And here.

IBM Sterling B2B Integrator has addressed multiple security vulnerabilities in jackson-databind. Highest CVSSv3 score of 9.8
More info.


Dell

Patch

Multiple components within Dell EMC CloudBoost Virtual Appliance require a security update to address various vulnerabilities.  Dell rates this Critical.
More info.


Linux

Patch

SUSE has updated tomcat, firefox, and others. More info.
OpenSUSE has updated firefox, chromium, samba, and others.  More info.


  

Monday 20 July 2020


Moodle

Patch

Moodle has released four vulnerability fixes, three of which are rated Serious, one Minor.  Vulnerabilities patched include XSS and DoS.
More info.


IBM

Patch

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Rails that could allow a remote attacker to execute arbitrary code on the system. CVSSv3 score of 9.8
More info.


Linux

Patch

OpenSUSE has updated ntp, pdns-recursor, samba, and others.  More info.
Arch Linux has updated ffmpeg, nasm, wireshark, and others.  More info.
Debian has updated nss, tomcat, and others.  More info.
Amazon Linux has updated the kernel and others.  More info.


  

Friday 17 July 2020


Microsoft

Patch

Microsoft has updated the chrome-based Edge to include the latest updates.  Highest Severity is Critical.
More info.


ClamAV

Patch

ClamAV has been updated to fix three security vulnerabilities that could lead to DoS, one of them could remove critical system files.
More info.


ABB

New

ABB has identified a few more products vulnerable to Ripple20, including more Protection Relays and an Ethernet Adapter.
More info.


IBM

Patch

Dojo could allow a remote attacker to inject arbitrary code on the system which affects IBM Spectrum Protect for Virtual Environments. CVSSv3 score of 7.5
More info.

Apache Camel is a dependency component shipped with the IBM Netcool/OMNIbus Probe DSL Factory Framework. Apache Camel contains RCE vulnerabilities, CVSSv3  of 9.8
More info.


Mozilla

Patch

Mozilla has published an update for thunderbird that fixes several vulnerabilities rated High, as well as more rated Medium and Low.
More info.


NetApp

New

NetApp has published five bulletins for vulnerabilities in third-party software included in NetApp products.  No patches yet.
More info.


Linux

Patch

SUSE has updated squid and others.  More info.
RedHat has updated java, thunderbird, and others.  More info.
Oracle Linux has updated java, the kernel, and thunderbird.  More info.
Scientific Linux has updated java.  More info.


  

Thursday 16 July 2020


Cisco

Patch

Cisco has 29 new bulletins and one updated bulletin.  Nine are rated Critical, 11 High, and the rest Medium.
More info.

A vulnerabilities in the Telnet service of Cisco Small Business RV110W Wireless-N VPN Firewall Routers could allow an unauthenticated, remote attacker to take full control of the device with a high-privileged account. CVSSv3 score of 9.8
More info.

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication to execute arbitrary administrative commands, execute arbitrary code on an affected device. CVSSv3 score of 9.8
More info. And here.

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. CVSSv3 score of 9.8
More info.

A vulnerability in the SSL VPN feature of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause the device to reload, resulting in a DoS condition. CVSSv3 score of 9.8 (although rated Medium).
More info.


Apple

Patch

Apple has published security updates for Safari, iOS and iPadOS, tvOS, watchOS, and macOS.  Several RCE and DoS vulnerabilities in each product.
More info.


Dell

Patch

Dell has updated EMC VxRail Appliance, EMC Data Protection Central, and EMC PowerProtect Cyber Recovery to correct vulnerabilities in third-party software included in these products. Dell rates these as Critical.
More info. And here. And here.


Synology

Patch

Multiple vulnerabilities allow remote attackers to conduct man-in-the-middle attacks via a susceptible version of Synology DiskStation Manager (DSM). Patches for DSM, patches for SkyNAS are pending.
More info.


Google

Patch

Google has update Chrome for Desktop to correct several security vulnerabilties, including one rated Critical and seven High.
More info.


Linux

Patch

RedHat has updated java, thunderbird, and others.  More info.
Scientific Linux has updated the kernel.  More info.


  

Wednesday 15 July 2020


Oracle

Patch

Oracle Quarterly Critical Patch Update is out, and contains 443 new security patches across the product families.  286 of these vulnerabilities may be remotely exploitable without authentication. Two have a CVSSv3 score of 10, 66 are scored 9.8.
More info.


Schneider
Electric

Patch

Schneider Electric Monthly Patches are out.  There are two new bulletins and three updated bulletins.  New bulletins cover SESU and Floating License Manager.  There are updates for the Ripple20,  ZombieLoad, and BlueKeep bulletins.
More info.


Advantech

Patch

Advantech iView contains multiple vulnerabilities that could allow an attacker to read/modify information, execute arbitrary code, limit system availability, and/or crash the application. CVSSv3 score of 9.8
More info.


HMS

Patch

HMS has patched a vulnerability in eCatcher. This vulnerability could be remotely exploited to gain remote code execution. CVSSv3 score of 9.8
More info.


Apache

Patch

Apache has updated Kylin to fix SQL Injection vulnerabilities.
More info. And here.

Tomcat has been updated to fix two DoS vulnerabilities.
More info.


Linux

Patch

SUSE has updates for java, bind, and several others. More info.
OpenSUSE has updates for thunderbird and xen.  More info.
Arch Linux has updated webkit2gtk.  More info.
Oracle Linux has updated the kernel, nodejs, thunderbird, and others.  More info.
RedHat has updated .NET core and others.  More info.
Ubuntu has updated firefox and webkitgtk+.  More info.
Scientific Linux has updated thunderbird and dbus.  More info.


  

Tuesday 14 July 2020 - Part 2


Adobe

Patch

Adobe has released Monthly Patch updates for Download Manager, ColdFusion, Genuine Service, Media Encoder, and Creative Cloud Desktop.
More info.

The Adobe Download Manager for Windows update resolves a critical vulnerability that could lead to arbitrary code execution. 
More info.

The Adobe Media Encoder update resolves two critical out-of-bounds write vulnerabilities and an important out-of-bound read vulnerability that could lead to arbitrary code execution and information disclosure.
More info.

A Creative Cloud Desktop Application for Windows update addresses critical and important vulnerabilities.  Successful exploitation could lead to arbitrary file system write and privilege escalation.
More info.


Microsoft

Patch

Microsoft Monthly Patches are out, with fixes for 123 vulnerabilities. Of these, 17 are critical and 2 were previously disclosed.  Patches are provided for Windows, Edge, ChakraCore, IE, Office and Office Services and Web Apps, Defender, Skype for Business, Visual Studio, OneDrive, Open Source Software, .NET Framework, and Azure DevOps. Highest CVSSv3 score of 10.
More info.

There is a critical RCE vulnerability affecting Windows DNS Server on multiple Windows Server versions, including 2008, 2012, 2016 and 2019. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account.  CVSSv3 score of 10 and wormable.
More info. And here.


  

Tuesday 14 July 2020


SAP

Patch

SAP Security Patch Day saw the release of 8 Security Notes. There are 2 updates to previously released Security Notes.  One new bulletin is rated Hot News, with a CVSSv3 score 10, one rated High, the rest Medium or Low.
More info.

The Hot News bulletin highlights a critical vulnerability affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard. An unauthenticated attacker can exploit this vulnerability through HTTP to take control of trusted SAP applications.  CVSSv3 score of 10.
More info.


Siemens

Patch

Siemens Monthly Patches are out, with seven new bulletins and 12 updated bulletins.  Highest CVSSv3 score of 9.8
More info.

SICAM MMU, SICAM T and the discontinued SICAM SGU devices are affected by multiple security vulnerabilities which could allow an attacker to perform a variety of attacks. This may include unauthenticated firmware installation, remote code execution and leakage of confidential data like passwords. Siemens recommends additional mitigations in addition to patching. CVSSv3 score of 9.8
More info.

The latest update for LOGO! 8 BM devices fixes a buffer overflow vulnerability that could allow remote code execution in the web server functionality. CVSSv3 score of 9.8
More info.

The latest update for SIMATIC S7-200 SMART fixes a vulnerability that could allow an attacker to cause a permanent Denial-of-Service of an affected device by sending a large number of crafted packets. CVSSv3 score of 7.5
More info.

SPPA-T3000 solutions are affected by Ripple20 for the TCP/IP stack used in APC UPS systems, and by Intel for the Server Platform Services(SPS) used in SPPA-T3000 Application Server and Terminal Server hardware. CVSSv3 score of 10
More info.


F5

New

Big-IQ and Traffix SDC contains several vulnerabilities in Netty which allows an HTTP header that lacks a colon. This vulnerability may result in HTTP request smuggling. When malformed or abnormal HTTP requests are interpreted, the system may interpret them inconsistently, allowing the attacker to 'smuggle' a request to one device while the other device is unaware of it. Highest CVSSv3 score of 9.1
More info. And here.


Linux

Patch

SUSE has updated firefox and thunderbird.  More info.
OpenSUSE has updated openldap, libvncserver, and others.  More info.
RedHat has updated thunderbird and others.  More info.
Debian has updated xen.  More info.


  

Monday 13 July 2020


Smiths
Medical

New

Smiths Medical CADD-Solis Pump Wireless Communication Modules are impacted by the Treck TCP/IP vulnerabilities known as Ripple20. They are working on a patch, and have listed mitigation steps.
More info.


HPE

Patch

HPE has produced updated firmware for Integrated Lights-Out 5 (iLO 5) for HPE/ProLiant Gen10 Servers, to remediate for Ripple20.
More info.


NetApp

New

NetApp has published four bulletins covering vulnerabilities in third-party software included in NetApp products.  No patches yet.
More info.


Linux

Patch

SUSE has updated xen.  More info.
RedHat has updated bind, nodejs, and others.  More info.
Oracle Linux has updated the kernel.  More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

 This bottom descriptor is used with Indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2020