Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat.  Any increase in an alert state will occur immediately an issue is detected and it will drop again by one level each working day

Our rationale for this agility is that vulnerabilities often occur in clusters, therefore reducing the alert state again quickly, will increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable, very few local server exploits will be shown.

Thursday 17 June 2021


Cisco

Patch

Cisco has published 8 new bulletins and one updated bulletin.  Four new bulletins are rated High, four rated Medium.
More info.

A vulnerability in the Cisco AMP for Endpoints integration of Cisco AsyncOS for Cisco ESA and Cisco WSA could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. CVSSv3 score of 7.4
More info.

A vulnerability in the Cisco ISE integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to an incomplete validation of the X.509 certificate used when establishing a connection between DNA Center and an ISE server. An attacker could exploit this vulnerability by supplying a crafted certificate and could then intercept communications between the ISE and DNA Center. CVSSv3 score of 7.4
More info.

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated remote attacker to hijack a user session, execute arbitrary commands as a root user, conduct a XSS attack, and conduct an HTML injection attack. CVSSv3 score of 7.5
More info.


EIP Stack
Group

Patch

An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer. A specially crafted network request can lead to an out-of-bounds read.
More info. And here.


IBM

Patch

An ICU heap-based buffer overflow vulnerability Affects IBM Control Center. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. CVSSv3 score of 9.8
More info.

Vulnerabilities in IBM Runtime Environment Java affect IBM Spectrum Protect Snapshot for VMware. Highest CVSSv3 score of 9.8
More info.


Dell

Patch

Dell has published an update for VxRail Appliance Security to fix multiple third-party component vulnerabilities. Dell rates this High.
More info.


HPE

Patch

A vulnerability in HPE BackBox Software can allow unauthorized access under certain conditions. The vulnerability is associated with a specific combination of user IDs while accessing the BackBox user interface.
More info.


Linux

Patch

OpenSUSE has updated the kernel. More info.


  

Wednesday 16 June 2021


ThroughTek

Exploit

ThroughTek supplies multiple manufacturers of IP cameras with P2P connections as part of its cloud platform. ThroughTek P2P products do not sufficiently protect data transferred between the local device and ThroughTek servers. This can allow an attacker to access sensitive information, such as camera feeds. CVSSv3 score of 9.1
Note that ThroughTek patched this mid-2020, but Camera suppliers aren't patching... imagine that.
More info. And here.


Automation
Direct

Patch

Automation Direct CLICK PLC CPU modules contain multiple vulnerabilities, including Authentication Bypass Using an Alternate Path or Channel, Cleartext Transmission of Sensitive Information, and Unprotected Storage of Credentials. Successful exploitation of these vulnerabilities could allow an attacker to log in as a currently or previously authenticated user or discover passwords for valid users. Highest CVSSv3 score of 9.8
More info.


Wibu

Patch

CodeMeter Runtime Network Server contains a Heap Leak and DoS vulnerability. An attacker could send a specially crafted packet that could have the CodeMeter Runtime Network Server send back packets containing data from the heap or crash the server. CVSSv3 score of 9.1
More info.

CodeMeter Runtime CmWAN Server contains a DoS vulnerability. An attacker could send a specially crafted HTTP(S) request to the CodeMeter Runtime CmWANserver that causes the CodeMeter Runtime Server to crash. CVSSv3 score of 7.5
More info.


SonicWall

New

SonicWall is reporting a new vulnerability impacting EOL Secure Remote Access (SRA) products, specifically the SRA 4600 running an old version of firmware.  Updates from that line have been available for some time.
More info.



Microsoft

Patch

Microsoft has published security updates for Microsoft Office for Mac.
More info. And here.


Linux

Patch

SUSE has updated the kernel. More info.
CentOS has updated the kernel. More info.
Scientific Linux has updated the kernel and others. More info.
Alpine Linux has published a new version, 3.14.0. More info.


  

Tuesday 15 June 2021


Apple

Exploit

Apple published an update to address vulnerabilities in iOS prior to 12.5.4 (current version is 14.6. Exploitation of some these vulnerabilities could result in arbitrary code execution. Apple is aware of a report that some of these issues may have been actively exploited.
More info.


Dell

Patch

Dell EMC PowerStore Family remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.


SonicWall

Patch

SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability that could be leveraged for an unauthenticated Denial-of-Service (DoS) attack by sending a specially crafted POST request to the web interface. 
The vulnerability requires Web Management to be enabled on the WAN/LAN interface and requires the precondition of an ongoing active management session.
More info.


IBM

Patch

Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments. Highest CVSSv3 score of 9.8
More info.

Genivia gSOAP vulnerabilities, such as denial of service or execution of arbitrary code on the system, affect IBM Spectrum Protect for Virtual Environments:Data Protection for VMware and Spectrum Protect Client. Highest CVSSv3 score of 9.8
More info.

IBM has released an update for IBM Security Identity Governance and Intelligence in response to a security vulnerability in open source software icu.  CVSSv3 score of 9.8
More info.


Linux

Patch

Arch Linux has updated the microcode. More info.
Oracle Linux has updated the kernel. More info.


  

Monday 14 June 2021


Microsoft

Patch

Microsoft has updated chromium-based Edge for the latest updates in chromium.
More info.


Linux

Patch

Mageia has updated the kernel and microcode. More info.


  

Friday 11 June 2021


Zoll

Patch

ZOLL Defibrillator Dashboard contains multiple vulnerabilities, including Unrestricted Upload of File with Dangerous Type, Use of Hard-coded Cryptographic Key, Cleartext Storage of Sensitive Information, Cross-site Scripting, Storing Passwords in a Recoverable Format, and Improper Privilege Management. Successful exploitation of these vulnerabilities could allow remote code execution, allow an attacker to gain access to credentials, or impact confidentiality, integrity, and availability of the application. Highest CVSSv3 score of 9.9
More info.


AGG

Patch

AGG Software Web Server included in AGG Data Logger software contains two vulnerabilities, including Path Traversal and Cross-site Scripting. Successful exploitation of these vulnerabilities could allow remote code execution and exposure of arbitrary system files. Highest CVSSv3 score of 8.2
More info.


Dell

Exploit

Dell PowerFlex Appliance remediation is available for VMware security vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical. Note that this is the Critical vulnerability published by VMware last month that is currently being exploited. No patches yet.
More info.


QNAP

Patch

An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote attackers to compromise the security of the software.
More info.


NetApp

New

NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products.  No patches yet.
More info.


  

Thursday 10 June 2021


Palo Alto
Networks

Patch

Monthly Patches are out for Palo Alto Networks, consisting of 3 bulletins, 1 High, 1 Medium, and 1 Low.  Highest CVSSv3 score of 7.8
More info.

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. CVSSv3 score of 6.7
More info.


Google

Exploit

Google has published an update for Chrome for Desktop, with 14 security fixes, one rated Critical, and one actively exploited.
More info.


Dell

Exploit

Dell has published updates for Dell Integrated Data Protection Appliance to correct VMware vCenter vulnerabilities that may be exploited to compromise the affected system. Dell rates this Critical, as VMware did.
More info.


BD

New

BD is investigating VMware vulnerabilities from Oct 2020 in their products. 
More info.


NETGEAR

Patch

NETGEAR has released a fix for an authentication bypass security vulnerability on the WAC104. CVSSv3 score of 8.8
More info.


Linux

Patch

Oracle Linux has updated the kernel. More info.
Ubuntu has updated rpcbind. More info.


  

Wednesday 9 June 2021


Bosch

Patch

Multiple vulnerabilities have been identified for Bosch IP cameras. Bosch rates these vulnerabilities with CVSSv3.1 base scores from 9.8 to 4.9.
More info.


IBM

Patch

IBM Security Guardium is affected by multiple vulnerabilities in jackson-databind. CVSSv3 score of 9.8 for all the vulnerabilities.
More info.

IBM Cloud Pak for Applications nodejs and nodejs-express Appsody stacks is vulnerable to information disclosure, buffer overflow and prototype pollution exposures. Highest CVSSv3 score of 9.8
More info.


McAfee

Patch

Memory corruption vulnerability in the driver file component in McAfee GetSusp could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, leading to the execution of arbitrary code, potentially triggering a BSOD.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated libx11. More info.
Red Hat has updated the kernel, microcode, and others. More info.
Ubuntu has updated the kernel and microcode. More info.


  

Tuesday 8 June 2021 - Part 2


Microsoft

Patch

Microsoft Monthly Patches include patches for 50 vulnerabilities. Of these, 5 are Critical, 2 were previously disclosed and 6 are actively exploited. Highest CVSSv3 score of 9.4
More info. And here. And here.


Adobe

Patch

Adobe Monthly Patches include 10 bulletins covering Connect, Acrobat and Reader, Photoshop, Experience Manager, Creative Cloud Desktop, RoboHelp Server, Photoshop Elements, Premier Elements, AfterEffects, and Animate.
More info.


Schneider
Electric

Patch

Schneider Electric Monthly Patches include 6 new bulletins and 4 updated bulletins. Highest CVSSv3 score in the new bulletins is 9.8
More info.

Schneider Electric has published updates for vulnerabilities in PowerLogic PM55xx and PowerLogic PM8ECC products. A Weak Password Recovery Mechanism vulnerability could allow an attacker administrator level access to a device, and an Improper Authentication vulnerability could cause a DoS. Highest CVSSv3 score of 8.1
More info.

Schneider Electric has published updates for vulnerabilities in PowerLogic EGX100 and EGX300 products. A Weak Password Recovery Mechanism vulnerability could allow an attacker administrator level access to a device, an Improper Authentication vulnerability could cause a DoS, and an Improper Input Validation vulnerability could cause DoS or RCE via a specially crafted HTTP packet. These products are EOL, no patches will be coming. Highest CVSSv3 score of 9.8
More info.

Schneider Electric has identified a vulnerability in Modicon X80 BMXNOR0200H RTU product. Sensitive information could be exposed to a remote attacker concerning the current RTU configuration when a specially crafted HTTP request is sent.  No patch yet. Highest CVSSv3 score of 5.3
More info.

Schneider Electric embeds Rockwell Automation's IsaGRAF Workbench and IsaGRAF Runtime products, that have RCE, DoS, and Information Disclosure vulnerabilities. Highest CVSSv3 score of 9.1, all vulnerabilities have a temporal score of 10.
More info.


Thales

Patch

Thales Sentinel LDK Run-Time Environment contains an Incomplete Cleanup vulnerability.  Products that have uninstalled software using the Sentinel LDK Run-Time Environment may have a port left open that allows an attacker to connect. CVSSv3 score of 9.6
More info.


Rockwell
Automation

Patch

Rockwell Automation has reported 5 vulnerabilities in ISaGRAF Runtime. If successfully exploited, these vulnerabilities may result in a remote attacker being able to cause a DoS, RCE, or information disclosure. Highest CVSSv3 score of 9.1, all temporal scores are 10.
More info.


  

Tuesday 8 June 2021


Qualcomm

Patch

Qualcomm Monthly Patches include 10 vulnerabilities, 3 rated Critical, the rest High. Highest CVSSv3 score of 9.8
More info.


Google

Patch

Google Android Monthly Patches contain 20 vulnerabilities, plus MediaTek and Qualcomm patches. Two vulnerabilities are rated Critical, with one of them allowing RCE.  The rest are rated High.
More info.

Google Pixel Monthly Patches contain 43 additional vulnerabilities, 4 rated High and the rest Moderate.
More info.


Samsung

Patch

Samsung Monthly Patches include the Android patches and 11 additional Samsung bulletins. 3 are rated High, the rest Moderate.
More info.


Siemens

Patch

Siemens Monthly Patches include 8 new bulletins and 9 updated bulletins. Highest CVSSv3 score in the new bulletins is 9.8
More info.

SIMATIC TIM 1531 IRC devices are vulnerable to multiple vulnerabilities in the third party component libcurl that could allow an attacker to extract sensitive information and pass a revoked certificate as valid. CVSSv3 score of 7.5
More info.

SIMATIC NET CP 443-1 OPC UA contains multiple vulnerabilities in the underlying third party component NTP. CVSSv3 score of 9.8
More info.

The latest update for TIM 1531 IRC fixes a vulnerability that could allow a remote attacker to cause a denial-of-service under certain circumstances. CVSSv3 score of 7.5
More info.

The latest updates for SIMATIC RF products fix a vulnerability that could allow an unauthorized attacker to crash the OPC UA service of the affected devices. CVSSv3 score of 7.5
More info.


SAP

Patch

SAP Security Patch Day saw the release of17 Security Notes. There were 2 updates to previously released Patch Day Security Notes. Two are rated Hot News, 4 High, and the rest Medium.
More info.


Dell

Exploit

Dell VxRail remediation is available for VMware security vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical. Note that this is the Critical vulnerability published by VMware last month that is currently being exploited.
More info.


  

Monday 7 June 2021


Microsoft

Patch

Microsoft has published an update for chromium-based Edge with the latests chromium security fixes. CVSSv3 score of 8.2
More info.


Trend Micro

Patch

An OpenSSL vulnerability exists within Trend Micro TippingPoint TPS that can cause the appliance to enter Layer-2 Fallback mode and stop inspecting network traffic. CVSSv3 score of 5.9
More info.


IBM

Patch

Multiple vulnerabilities may affect JRE in IBM DataPower Gateway. Highest CVSSv3 score of 9.8
More info.

IBM Security Guardium is affected by multiple vulnerabilities. Highest CVSSv3 score of 9.9
More info.

An issue in Ajv affects UrbanCode Velocity. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. CVSSv3 score of 9.8
More info.


Dell

Patch

DELL Secure Remote Services (SRS) Virtual Edition contains remediation for multiple third-party components that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.


  

Friday 4 June 2021


Advantech

Patch

Advantech iView contains two vulnerabilities, including SQL Injection and Missing Authentication for Critical Function. These allow an attacker to disclose information, change configurations, and execute arbitrary code.  Highest CVSSv3 score of 9.1.
More info.


Mozilla

Patch

Mozilla published an update to address vulnerabilities in Thunderbird. Exploitation of some of these vulnerabilities could result in arbitrary code execution.
More info.


IBM

Patch

Security vulnerabilities have been identified in IBM WebSphere Application Server used by InfoSphere Master Data Management. IBM WebSphere Application Server could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. CVSSv3 score of 9.8
More info. And here.


NetApp

New

NetApp has published 10 new bulletins identifying security vulnerabilities in third-party software used by their products.  No patches yet.
More info.


  

Thursday 3 June 2021


Cisco

Patch

Cisco has published 15 new bulletins, 6 rated High, the rest Medium.  Webex, SD-WAN, ASR, and others.
More info.

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. CVSSv3 score of 4.7
More info.


HPE

Patch

HPE has identified several vulnerabilities in HP-UX SMH, including XSS, Buffer overflow, and HSTS vulnerability. Highest CVSSv3 score of 7.5
More info.

Multiple security vulnerabilities have been identified in HPE fibre channel and SAN switches with Brocade Fabric OS. These vulnerabilities could be remotely exploited to cause denial of service. Highest CVSSv3 score of 5.9
More info.


Dell

Patch

Updates for Dell VxRail are available to correct the latest VMware security vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical, as VMware did.
More info.


F-Secure

Patch

A DoS vulnerability was discovered in F-Secure endpoint protection products on Windows, Mac and Linux whereby the FSAVD component used in certain F-Secure products can crash while scanning larger packages/fuzzed files. The exploit can be triggered remotely by an attacker and cause a DoS of the antivirus engine.
More info.


Apache

Patch

Apache HTTP Server protocol handler for the HTTP/2 protocol contains a NULL pointer dereference on initialised memory vulnerability where a rejection response was not fully initialised in the HTTP/2 protocol handler. Since a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server.
More info.


Fortinet

Patch

An improper access control vulnerability in FortiWLC may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL.
More info.


Wireshark

Patch

It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
More info.


QNAP

Patch

A command injection vulnerability exists in Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands.
More info.

A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code.
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.
Scientific Linux has updated runc and glib2. More info.


  

Wednesday 2 June 2021


Mozilla

Patch

Mozilla has published updates for Firefox, Firefox ESR, and Firefox for IOS. The top vulnerability is rated High.
More info. And here. And here.


McAfee

Patch

McAfee has reported multiple vulnerabilities in DBSec.  Highest CVSSv3 score of 9.6
More info.


Fortinet

Patch

Fortinet has published 16 new bulletins for their products.
More info.

An improper access control vulnerability in FortiProxy SSL VPN web portal may allow an unauthenticated and remote attacker to change local SSL-VPN users' passwords via specially crafted HTTP requests. CVSSv3 score of 8.9
More info.

Failure to sanitize input in the SSL VPN web portal may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters. CVSSv3 score of 4.6
More info.


Linux

Patch

Arch Linux has updated dhcp, bind, and others. More info.
SUSE has updated dhcp, bind, and many others. More info.
Red Hat has updated the kernel, glib2 and others. More info.
Oracle Linux has updated the kernel. More info.


  

Tuesday 1 June 2021


Yokogawa

Patch

Yokogawa YFGW410, YFGW510, and YFGW520 products are affected by Treck IP Stack vulnerabilities as known Ripple20.
More info.


Korenix

Patch

Multiple devices which are developed by Korenix Technology and also rebranded for Westermo and Pepperl+Fuchs Comtrol are prone to different critical vulnerabilities, including CSRF, use of insecure channel, executing commands without prior authentication, TFTP file uploads and downloads without authentication, and backdoor accounts.
More info.


HCL Software

Patch

Axios NPM library used by BigFix Inventory contains a SSRF vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. CVSSv3 score of 5.9
More info.


Linux

Patch

Mageia has updated the kernel. More info.


  

Monday 31 May 2021


IBM

Patch

Multiple security vulnerabilities have been addressed in IBM Cognos Analytics, including allowing control requests in unauthenticated sessions. Highest CVSSv3 score of 10
More info.

Multiple Security vulnerabilities have been fixed in the IBM Application Gateway product. Highest CVSSv3 score of 9
More info.


Linux

Patch

OpenSUSE has updated libx11 and others. More info.
Debian has updated webkit2gtk. More info.


  

Friday 28 May 2021


GENIVI

Patch

The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code. CVSSv3 score of 9.8
More info. And here.


Mesa Labs

New

Mesa Labs AmegaView contains multiple vulnerabilities, including Command Injection, Improper Authentication, Authentication Bypass Using an Alternate Path or Channel, and Improper Privilege Management.  Highest CVSSv3 score of 10.  
This product will be EOL the end of 2021, and there will be no updates.
More info. And here.


Commscope

Patch

CommScope Ruckus IoT Controller contains multiple vulnerabilities, including Hard-coded Credentials, Hidden Functionality, and Missing Authentication for Critical Function. 
More info. And here.


Bosch

Patch

Two security vulnerabilities affect the Bosch B426, B426-CN/B429-CN, and B426-M. The user password is transmitted in clear text, and session hijacking is possible.  Highest CVSSv3 score of 8.8
More info.


Siemens

Patch

SIMATIC S7-1200 and S7-1500 CPU products contain a memory protection bypass vulnerability that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks. CVSSv3 score of 8.1
More info.


IBM

Patch

Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment.  Highest CVSSv3 score of 9.8
More info.

Vulnerabilities in Java are affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. Highest CVSSv3 score of 9.8
More info.

An issue was identified in the IBM Runtime Java shipped with IBM MQ and IBM Spectrum Protect Snapshot. CVSSv3 score of 9.8
More info. And here.


Microsoft

Patch

Microsoft has updated chromium-based Edge with the latest fixes in chromium.
More info.


NetApp

New

NetApp has published 10 new bulletins identifying security vulnerabilities in third-party software included in their products.  No patches yet.
More info.


  

Thursday 27 May 2021


Mitsubishi
Electric

New

A DoS vulnerability exists in MELSOFT transmission port (TCP/IP) of MELSEC iQ-R series CPU modules due to improper session management. An attacker can cause resource exhaustion and DoS condition on a target by not closing a connection properly. CVSSv3 score of 5.3
More info.


Moxa

Patch

Multiple product vulnerabilities were identified in Moxa’s NPort IAW5000A-I/O Series Wireless Device Server. Buffer overflow, improper input validation, and unuathenticated data access vulnerabilities in the built-in web server allows remote attackers to initiate a DoS attack and execute arbitrary code (RCE).
More info.


B&R

Patch

B&R Automation Runtime (AR) includes an outdated version of ntpd which is affected by a large number of vulnerabilities. Highest CVSSv3 score of 7.5
More info.

One B&R POWERLINK stack is affected by two Amnesia vulnerabilities, and is used by a range of B&R field-level products. Highest CVSSv3 score of 8.2
More info.


Linux

Patch

RedHat has updated data grid. More info.


  

Wednesday 26 May 2021


VMware

Patch

Multiple vulnerabilities in the vSphere Client (HTML5) were reported.  The vSphere Client contains a RCE vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server.  A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. CVSSv3 base score of 9.8.
More info. And here.


Google

Patch

Google has published a Chrome for Desktop update that includes 32 security fixes.
More info.


curl

Patch

Curl has published 3 new bulletins identifying Use After Free, Use of Uninitialized Variable, and Exposure of Data Element to Wrong Session vulnerabilities.
More info.


Spacelabs
Healthcare

New

Spacelabs utilizes Wind River VxWorks that was identified as one of the RTOS affected by BadAlloc for Patient Monitors.
More info. And here.


Rockwell
Automation

New

Rockwell Automation Micro800 and MicroLogix 1400 contains a MitM vulnerability. If successfully exploited, this vulnerability may result in DoS. To recover, a firmware flash on the controller will need to be performed, which will put the controller into the default state and the user program and data will be lost. CVSSv3 score of 6.1
This vulnerability cannot be remediated with a patch. 
More info.


Linux

Patch

RedHat has updated the kernel and others. More info.
SUSE has updated the kernel and others. More info.
Gentoo Linux has published 35 new bulletins. More info.
Ubuntu has updated libx11. More info.


  

Tuesday 25 May 2021


VMware

Patch

Multiple vulnerabilities in the vSphere Client (HTML5) were reported.  The vSphere Client contains a RCE vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server.  A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. CVSSv3 base score of 9.8.
More info. And here.


Apple

Patch

Apple has published security updates for Safari, macOS, iOS, watchOS, and tvOS.
More info.

macOS Big Sur and tvOS have vulnerabilities that are being actively exploited.
More info. And here.


IBM

Patch

IBM MQ Appliance has resolved a Java SE vulnerability. CVSSv3 score of 9.8
More info.


  

Monday 24 May 2021


IBM

Patch

 IBM Security Guardium is affected by vulnerabilties in jackson-databind, IBM Java SDK, and Squid. Highest CVSSv3 score of 9.8
More info. And here. And here.


HCL Software

Patch

HCL Digital Experience is susceptible to multiple security vulnerabilities.
More info.


Linux

Patch

Debian has updated libx11. More info.
Mageia has updated libx11 and others. More info.


  

Friday 21 May 2021


SolarWinds

Patch

SolarWinds Network Performance Monitor contains a vulnerability within the SolarWinds.Serialization library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. A remote attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. CVSSv3 score of 9.8
More info. And here.


IBM

Patch

Multiple vulnerabiilities in XStream, Java, OpenSSL, WebSphere Application Server Liberty and Node.js may affect IBM Spectrum Control.  Highest CVSSv3 score of 9.8
More info.


QNAP

Patch

A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity.
More info.

The ransomware known as Qlocker exploits CVE-2021-28799 to attack QNAP NAS running certain versions of HBS 3 (Hybrid Backup Sync).
More info.


NetApp

New

NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products.  No patches yet.
More info.


Hitachi

Patch

Hitachi has published security updates for Ops Center Analyzer viewpoint and Ops Center Common Services.
More info.


HCL Software

Patch

There are multiple vulnerabilities in SDK Java that is used by Notes Standard Client. Highest CVSSv3 score of 10.
More info.


  

Thursday 20 May 2021


Cisco

Patch

Cisco has published 8 new bulletins and 2 updated bulletins. Two are rated High, the rest Medium. Nearly all require authentication.
More info.

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. CVSSv3 score of 4.7
More info.


IBM

Patch

Multiple security vulnerabilities in Node.js affecs Cloud Pak for Multicloud Management Managed Service, and Cloud Automation Manager. Highest CVSSv3 score of 9.8
More info. And here. And here. And here. And here. And here. And here.


Xerox

Patch

Xerox has published security updates for FreeFlow Print Server and Xerox Phaser and WorkCentre products.
More info.


Linux

Patch

Mageia has updated the kernel. More info.


  

Wednesday 19 May 2021


Advantech

0-Day

Advantech BB-ESWGP506-2SFP-T uses hard-coded credentials for the telnet service, which listens on TCP port 23 by default, allowing RCE as administrator. CVSSv3 score of 9.8
More info.


Beckhoff

Patch

Beckhoff TwinCat products use vulnerable version of OPC UA
More info. And here. And here.


IBM

Patch

Multiple security vulnerabilities in Jackson-Databind affect IBM Sterling B2B Integrator.  CVSSv3 score of 9.8
More info. And here.

A vulnerability in Java affects IBM Cloud Pak for Multicloud Management Monitoring.  CVSSv3 score of 9.8
More info.

Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC. Highest CVSSv3 score of 9.8
More info.

IBM Resilient SOAR is using components with known vulnerabilities. HIghest CVSSv3 score of 9.8
More info.


Emerson

Patch

Emerson Rosemount X-STREAM Gas Analyzer contains multiple vulnerabilities that could allow an attacker to obtain sensitive information, modify configuration, or affect the availability of the device. Highest CVSSv3 score of 7.5
More info. And here.


Bosch

Patch

Bosch products IndraMotion MTX, MLC and MLD and the ctrlX CORE PLC contain vulnerabilities in third-party software from CODESYS.  CVSSv3 score of 7.3
More info.


  

Tuesday 18 May 2021


HCL Software

Patch

There are multiple vulnerabilities in IBM SDK Java that is used by Remote Control. Highest CVSSv3 score of 9.8
More info.

Weak TLS-RSA key exchange algorithm is enabled in BigFix Remote Control. CVSSv3 score of 3.7
More info.

There are multiple vulnerabilities in OpenSSL that is used by OSD Metal Server Web UI. CVSSv3 score of 7.5
More info.

A XML Entity Expansion vulnerability in XMLBeans affects HCL Commerce. CVSSv3 score of 9.1
More info.

Multiple vulnerabilities in Jackson Dataformat, Netty Handler and Elastic Search affect HCL Commerce. Highest CVSSv3 score of 7.5
More info.


IBM

Patch

IBM Java SDK vulnerabilities have been fixed in IBM Netezza Analytics for NPS.  Highest CVSSv3 score of 10
More info.


NetBSD

Patch

The latest version of NetBSD contains security fixes.
More info.


Linux

Patch

SUSE has updated the kernel. More info.


  

Monday 17 May 2021


B.Braun

Patch

Connected infusion pump Perfusor, Infusomat, Infusomat P from both Space and compactplus families contain multiple vulnerabilities that could allow a sophisticated attacker to compromise the security of the Space or compactplus communication devices, allowing an attacker to escalate privileges, view sensitive information, upload arbitrary files, and perform remote code execution. Under certain conditions, successful exploitation of these vulnerabilities could allow an attacker to change the configuration of a connected infusion pump which may alter infusions after a successful attack. CVSSv3 score of 9.7
More info.


IBM

Patch

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of XStream. Highest CVSSv3 score of 9.8
More info.


HPE

Patch

Multiple security vulnerabilities have been identified in HPE fibre channel and SAN switches with Brocade Fabric OS (FOS). These vulnerabilities could be locally exploited to execute arbitrary code, and to allow an authenticated CLI attacker to write arbitrary content to files. The other vulnerabilities could be remotely exploited to cause denial of service, and inject arbitrary HTTP headers. Highest CVSSv3 score of 7.8
More info.

Multiple security vulnerabilities have been identified in the HPE B-Series SANnav Management Portal, also known as HPE SANnav Management Software. The vulnerabilities could be remotely exploited to carry out requests to servers or services which otherwise would be inaccessible, expose docker ports, disclose internal server information, disclose sensitive information, access files and create directories without permission, and cause denial of service. Highest CVSSv3 score of 8.8
More info.

Multiple security vulnerabilities have been identified in HPE fibre channel and SAN switches with Brocade Fabric OS (FOS). These vulnerabilities could be locally exploited to execute arbitrary code, and to allow an authenticated CLI attacker to write arbitrary content to files. The other vulnerabilities could be remotely exploited to bypass authentication, disclose sensitive information, and cause denial of service. Highest CVSSv3 score of 7.9
More info.


Broadcom

Patch

Brocade has published 21 new security bulletins affecting Brocade FabricOS and Brocade SANnav.  5 are rated High, the rest Medium and Low.
More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

 This bottom descriptor is used with Indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2021