Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur as soon as an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters, so reducing the alert state again quickly will increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Friday 31 March 2023


Contec

Patch

Contec has identified several vulnerabilities in its CONPROSYS HMI System (CHS) Web HMI/SCADA software. These vulnerabilities could be exploited by a remote attacker to steal information. CVSSv3 score of 7.5
More info.


Apple

Patch

Apple has published an update for Xcode that fixes two sandbox vulnerabilities in Dev Tools
More info.


IBM

Patch

IBM QRadar User Behavior Analytics is vulnerable to components with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.

IBM QRadar SIEM includes components with known vulnerabilities.  Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities were fixed in IBM Robotic Process Automation for Cloud Pak. Highest CVSSv3 score of 9.1
More info.


NetApp

Patch

NetApp has published 11 new bulletins identifying vulnerabilities in third-party software included in their products.  Highest CVSSv3 score of 7.8.  Four have patches.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.


  

Thursday 30 March 2023


Samba

Patch

Samba has published 3 new bulletins, highest CVSSv3 score of 7.7
More info.

Samba will send password information over unencrypted sessions. CVSSv3 score of 5.9
More info.


QNAP

Patch

QNAP is updating their products for the Samba vulnerabilities.
More info.


Veritas

Patch

Veritas has identified their products that include a vulnerable version of XStream.
More info.


3CX

Exploit

3CX DesktopApp was shipped with malware.
More info.


Linux

Patch

Alpine Linux has published new releases. More info.


  

Wednesday 29 March 2023


PowerDNS

Patch

When the recursor detects and deters a spoofing attempt or receives certain malformed DNS packets, it throttles the server that was the target of the impersonation attempt. Unfortunately this mechanism can be used by an attacker with the ability to send queries to the recursor, guess the correct source port of the corresponding outgoing query and inject packets with a spoofed IP address to force the recursor to mark specific authoritative servers as not available, leading to a DoS for the zones served by those servers. CVSSv3 score of 3.7
More info.


Mozilla

Patch

Thunderbird users who use the Matrix chat protocol were vulnerable to a DoS.
More info.


Tenable

Patch

Tenable.sc has been updated to correct a vulnerability in Apache.  CVSSv3 score of 9.8
More info.


Linux

Patch

Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.


  

Tuesday 28 March 2023


Apple

Exploit

Apple has published updates for Studio Display firmware, Safari, iOS, iPadOS, watchOS, tvOS, and macOS. Three vulnerabilities are rated Critical, with one in WebKit being exploited.
More info.


APsystems

Patch

There is a security vulnerability in Altenergy Power System Control Software, which is caused by an operating system command injection vulnerability in /set_timezone. A remote attacker can execute arbitrary commands to obtain server privileges. CVSSv3 score of 9.8
More info.


Hitachi Energy

Patch

Multiple vulnerabilities exist in the MicroSCADA System Data Manager SDM600. A remote attacker who successfully exploited these vulnerabilities could take remote control. Highest CVSSv3 score of 9.9
More info.


Dell

Patch

An update for Streaming Data Platform is available that fixes multiple security vulnerabilities. Dell rates this Critical.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.


  

Monday 27 March 2023


BD

Patch

BD has published updates for vulnerabilities in third-party software included in Synapsys and BD MAX.
More info.


Microsoft

Patch

Microsoft has updated Edge with the latest chromium security fixes.
More info.

Microsoft has patched the "Acropalypse" bug in their Snip & Sketch tool.
More info.


IBM

Patch

Vulnerabilities in Bash affect SAN Volume Controller and Storwize Family. Some vulnerabilities are from 2014. Highest CVSSv3 score of 10
More info. And here.

Vulnerabilities in Network Security Services (NSS) and Netscape Portable Runtime (NSPR) could allow a remote attacker to obtain sensitive information or cause a DoS. Highest CVSSv3 score of 9.3
More info.


NetApp

New

NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products.  Highest CVSSv3 score of 9.1
Only 1 bulletin has patches.
More info.


Linux

Patch

Red Hat has updated the kernel and kpatch. More info.


  

Friday 24 March 2023


ManageEngine

Patch

ManageEngine ADSelfService Plus has an OTP brute-force issue in the Password Sync Agent that could affect integrated third-party applications. Attackers could exploit this vulnerability using specialized, highly sophisticated machines to reset passwords and take control over integrated third-party applications. This is rated High.
More info.


ProPump & Controls

New

Osprey Pump Controller contains several vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, retrieve sensitive information, modify data, cause a denial-of-service, and/or gain administrative control. Highest CVSSv3 score of 9.8
No response from ProPump and Controls.
More info.


SAUTER

New

SAUTER EY-modulo 5 Building Automation Stations contains multiple vulnerabilities. Successful exploitation of these vulnerabilities could lead to privilege escalation, unauthorized execution of actions, a DoS, or retrieval of sensitive information. Highest CVSSv3 score of 8.8
No patch will be available because encryption is not supported.
More info.


IBM

Patch

Spectrum Protect Plus contains security vulnerabilities in third-party software included in the product.  Highest CVSSv3 score of 10
More info.


Xerox

Patch

Xerox has updated third-party software in several of their Print Server products.
More info.


Tenable

Patch

Tenable.sc has been updated with fixes for multiple vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Thursday 23 March 2023


Microsoft

0-Day

The vulnerability dubbed "Acropalypse" originally identified and fixed in Pixel has now cropped up (see what we did there) in Windows 11's Snipping Tool and Windows 10's Snip & Sketch tool.  When editing a saved screenshot and resaving, parts of the original image are recoverable.
More info. And here.


Cisco

Patch

Cisco has published 18 new bulletins, 9 rated High and 11 rated Medium. Highest CVSSv3 score of 8.6
More info.

A remote attacker can cause a DoS through various functions of the XE Software. Highest CVSSv3 score of 8.6
More info. And here. And here. And here.


Varta Storage

New

Hard-coded credentials in the Web-UI of multiple VARTA Storage products allow an unauthorized attacker to gain administrative access to the Web-UI via the network. CVSSv3 score of 9.1
No patch yet.
More info.


Meinberg

Patch

LANTIME firmware has been updated to fix vulnerabilities in third-party software.
More info.


OpenSSL

Patch

A DoS vulnerability in certificate chains has been patched.
More info.


Philips

New

Philips has identified 5 products that are vulnerable to the recently patched RCE vulnerabilities in Microsoft.  They are working on mitigation.
More info.


  

Wednesday 22 March 2023


Rockwell Automation

Patch

Vulnerabilities were discovered in the ThinManager ThinServer software. Successful exploitation of these vulnerabilities could allow an attacker to potentially perform remote code execution on the target or crash the software. Highest CVSSv3 score of 9.8
More info.


Delta Electronics

Patch

Delta Electronics InfraSuite Device Master contains several vulnerabilities. Successful exploitation of these vulnerabilities could allow a remote attacker to obtain access to files and credentials, escalate privileges, and remotely execute arbitrary code. Highest CVSSv3 score of 9.8
More info.


Google

Patch

Chrome for Desktop has been updated to fix 8 security vulnerabilities.
More info.

Microsoft is aware. More info.


Dell

Patch

Dell Technologies PowerProtect DD remediation is available for various security vulnerabilities that could be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.


Apache

Patch

A vulnerability exists in Tomcat where using the RemoteIpFilter leads to Tomcat not including the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel.
More info.


Veritas

Patch

The Veritas NetBackup IT Analytics application upgrade process included unsigned files which could be exploited and result in a customer installing unauthentic components. CVSSv3 score of 5.3
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Tuesday 21 March 2023


IBM

Patch

IBM Aspera Faspex 4.4.2 PL3 has addressed multiple vulnerabilities.  Highest CVSSv3 score of 9.9
More info.


Linux

Patch

Red Hat has updated the kernel. More info.


  

Monday 20 March 2023


Unify

Patch

Three command injection vulnerabilities have been identified in the Atos Unify OpenScape 4000 Platform and the Atos Unify OpenScape 4000 Manager Platform. A remote attacker can run arbitrary commands on the platform operating system and get administrative access to the system. Highest CVSSv3 score of 9.8
More info.


Google

Exploit

Google has published the Monthly Patch Update for Pixel phones.  There are 46 patched vulnerabilities, plus Android and Qualcomm. This includes a fix for the Samsung 0-Day reported on Friday.
More info.


D-Link

New

D-Link DIR-456U has hardcoded passwords, but was EOL 5 years ago.
More info.


curl

Patch

Several vulnerabilities have been identified in curl that allow connection reuse when options have changed that should trigger a new session, as well as improper evaluation of tilde (~) in a path string, and passing TELNET values without input scrubbing. Most are rated Low, 1 is rated Medium.
More info.


Linux

Patch

SUSE has updated the kernel. More info.


  

Friday 17 March 2023


Honeywell

Patch

Honeywell OneWireless Wireless Device Manager contains several vulnerabilities, including Command Injection, Use of Insufficiently Random Values, and Missing Authentication for Critical Function.  Highest CVSSv3 score of 9.8
More info.


Samsung

0-Day

Eighteen 0-day vulnerabilities have been reported in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim's phone number.
More info.


IBM

Patch

IBM Cognos Command Center is affected by multiple vulnerabilities. Highest CVSSv3 score of 9.8
More info.


NetApp

Patch

NetApp has published 11 new bulletins identifying vulnerabilities in third-party software in their products. Highest CVSSv3 score of 9.8
Five have patches.
More info.


BD

Patch

BD has updated third-party software in BACTEC FX40.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Thursday 16 March 2023


Rockwell Automation

Patch

Modbus TCP Server Add-On Instructions (AOI) for ControlLogix and CompactLogix controllers contains a vulnerability that would allow a remote attacker to gain information when the Modbus TCP Server AOI accepts a malformed request. CVSSv3 score of 5.3
More info.


IBM

Patch

IBM Sterling B2B Integrator has addressed security vulnerabilities in Dojo Toolkit. Highest CVSSv3 score of 9.8
More info.


NETGEAR

Patch

NETGEAR has released fixes for an authentication bypass security vulnerability in C6220 models. CVSSv3 score of 7.5
More info.

NETGEAR has released fixes for a security misconfiguration vulnerability in several product models. CVSSv3 score of 3.7
More info.


Mozilla

Patch

Mozilla has published a bulletin rated High for Thunderbird.
More info.


Linux

Patch

SUSE has updated the kernel. More info.
Red Hat has updated kpatch. More info.
Ubuntu has updated the kernel. More info.


  

Wednesday 15 March 2023


Microsoft

Exploit

Microsoft Monthly Patches include 76 vulnerabilities, 9 rated Critical and 2 being Exploited. Highest CVSSv3 score of 9.8
More info. And here.

There is an RCE vulnerability affecting the HTTP Protocol Stack. A prerequisite for a server to be vulnerable is that the binding has HTTP/3 enabled and the server uses buffered I/O. HTTP/3 support for services is a new feature of Windows Server 2022. CVSSv3 score of 9.8
More info.

ICMP contains an RCE vulnerability. An attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine. To trigger the vulnerable code path, an application on the target must be bound to a raw socket. CVSSv3 score of 9.8
More info.

Attackers could send specially crafted emails that will cause a connection from the victim to an external UNC location under the attackers' control. This will leak the Net-NTLMv2 hash of the victim to the attacker, who can then relay this to another service and authenticate as the victim. This is being exploited. CVSSv3 score of 9.8
More info. And here.

There is an RCE vulnerability in RPC. A remote attacker can send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. CVSSv3 score of 9.8
More info.


Adobe

Patch

Adobe has published Monthly Patches for Commerce, Experience Manager, Illustrator, Dimension, Creative Cloud, Substance 3D Stager, Photoshop, and ColdFusion. Highest CVSSv3 score of 9.8, in ColdFusion.
More info. And here.


Aveva

Patch

AVEVA Plant SCADA and Telemetry Server have an Improper Authorization vulnerability. A remote attacker could remotely read data, cause a DoS, and tamper with alarm states. CVSSv3 score of 9.8
More info. And here.

AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere contain several vulnerabilities, including a Path Traversal and third-party OpenSSL.  CVSSv3 score of 9.8
More info.


Moxa

Patch

Two vulnerabilities affect the NPort 6000 Series and Windows driver manager. An attacker may perform a MitM attack and eavesdrop on the secure connection between the NPort 6000 Series and the Windows driver manager. 
More info.


Aruba

Patch

ClearPass Policy Manager has been updated to address multiple security vulnerabilities. Highest CVSSv3 score of 9.8
More info.


Mozilla

Patch

Mozilla has published updates for Firefox and Firefox ESR, both rated High.
More info.


  

Tuesday 14 March 2023


Siemens

Patch

Siemens Monthly Patches are out, with 7 new bulletins and 23 updated bulletins.  Of the new bulletins, highest CVSSv3 score of 9.8
More info.

Multiple third-party component vulnerabilities were reported for the Busybox applet, the Linux Kernel, OpenSSL, OpenVPN and various other components used by the RUGGEDCOM and SCALANCE products. Highest CVSSv3 score of 9.8
More info.

The Mendix SAML module insufficiently verifies the SAML assertions. This could allow a remote attacker to bypass authentication and get access to the application. CVSSv3 score of 9.1
More info.

The RADIUS client implementation of the VxWorks platform in SIPROTEC 5 devices contains a DoS that could be triggered when a specially crafted packet is sent by a RADIUS server.  CVSSv3 score of 7.5
More info.

Multiple vulnerabilities affecting various third-party components of SCALANCE W-700 IEEE 802.11ax devices could allow a remote attacker to cause a DoS, disclose sensitive data or violate the system integrity. Highest CVSSv3 score of 8.1
More info.


Schneider Electric

Patch

Schneider Electric Monthly Patches include 3 new bulletins and 15 updated bulletins. Of the new bulletins, highest CVSSv3 score of 9.8
More info.

PowerLogic HDPM6000 products contain an improper validation of array index vulnerability where a specially crafted Ethernet request could result in DoS or RCE. CVSSv3 score of 9.8
More info.

Multiple vulnerabilities exist in Data Server, Dashboard and Custom Reports modules for the IGSS.  Highest CVSSv3 score of 8.8
More info.


SAP

Patch

SAP Patch Day is here, with 19 new Security Notes.  5 are rated Hot News, 4 rated High, and 10 rated Medium. Highest CVSSv3 score of 9.9
More info.


Phoenix Contact

Patch

ENERGY AXC PU uses CODESYS Control V3 runtime system, which contains several vulnerabilities.  Highest CVSSv3 score of 8.1
More info.


Microsoft

Patch

Microsoft has updated Edge with the latest chromium security fixes.
More info.

Monthly Patches are expected out later today.


Omron

Patch

Improper Access Control vulnerabilities exist in the CS/CJ/CP-series Programmable Controllers. A remote attacker can use these vulnerabilities to bypass the protection system of the user memory, disable a password, overwrite a new password, and overwrite a code for executing the user program (object code) or a function block. CVSSv3 score of 9.1
More info.


  

Monday 13 March 2023


Dell

Patch

Dell VxRail remediation is available for multiple security vulnerabilities in third-party software.  Dell rates this Critical.
More info.


Linux

Patch

Red Hat has updated kpatch. More info.
Mageia has updated the kernel. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.