
Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Monday 26 February 2024


Microsoft

Patch

Edge has been updated to fix the latest chromium-based vulnerabilities.
Note the normal Edge announcement page doesn't yet show this update.
More info. And (maybe) here.


WithSecure

Patch

A DoS vulnerability was discovered in WithSecure products where the engine scanner goes into an infinite loop when processing certain archive files. The exploit can be triggered remotely by an attacker. CVSSv3 score of 7.5
More info.


HPE

New

A vulnerability in GNU C Library impacts HPE IceWall products. A remote attacker could cause a DoS. CVSSv3 score of 5.9
Manual fixes, no actual "patch".
More info.


HP

Patch

A DoS vulnerability has been identified in Tera2 Zero Client and Remote Workstation Card Firmware when using Service Location Protocol. CVSSv3 score of 7.5
More info.


F5

Patch

A vulnerability in OpenSSH in BIG-IP and Traffix SDC could allow a remote attacker to establish an SSH Proxy session when it should have been denied. CVSSv3 score of 4.8
Patches are available for Traffix SDC but not BIG-IP.
More info.


IBM

Patch

OpenSSH used by IBM i is vulnerable to a remote attacker executing arbitrary commands due to improper validation. CVSSv3 score of 9.8
More info.

IBM Cognos Analytics contains vulnerabilities in open-source software. Highest CVSSv3 score of 9.8
More info.

Vulnerabilities in Go-git were remediated in IBM Observability with Instana. Highest CVSSv3 score of 9.8
More info.


Linux

Patch

Red Hat has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Mageia has updated systemd. More info.
Amazon Linux has updated sudo. More info.
Amazon Linux 2 has updated sudo. More info.


  

Friday 23 February 2024


Semtech

Patch

Three vulnerabilities affect the Sierra Wireless EM919x and EM929x cellular modules. These vulnerabilities were announced as part of Qualcomm’s December Security Bulletin. Highest CVSSv3 score of 7.5
More info.


Dell

Patch

Dell Avamar server, Dell Avamar Virtual Edition and Dell Integrated Data Protection Appliance remediation is available for Apache Struts 2 security vulnerabilities. Dell rates this Critical.
More info.

Dell Avamar, Dell NetWorker Virtual Edition, and Dell PowerProtect DP Series Appliance /Integrated Data Protection Appliance remediation is available for multiple vulnerabilities. Dell rates this Critical.
More info.


NetApp

New

NetApp has published 8 bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 8.1
No patches yet.
More info.


WAGO

Patch

WAGO products are affected by the Terrapin attack vulnerability in the SSH transport protocol that allows a remote attacker to compromise the integrity of connections, potentially leading to the downgrade or disablement of critical security features. CVSSv3 score of 5.9
More info.


Linux

Patch

CentOS 7 has updated the kernel firmware. More info.
Oracle Linux has updated the kernel. More info.


  

Thursday 22 February 2024


Progress
Kemp

Patch

LoadMaster and ECS Connection Manager contain a security vulnerability that allows a remote attacker to issue a carefully crafted API command that will allow arbitrary system commands to be executed without authentication. CVSSv3 score of 10.
More info.


B&R

Patch

A fix in the B&R web service interface solves a vulnerability that results in an insecure communication channel in the Upgrade Service of B&R. This allows a remote attacker to sniff sensitive data or insert and run arbitrary code.
The support of the insecure communication channel will be disabled on 29th February 2024.
More info.


IBM

Patch

Vulnerabilities in AIX's Perl could allow an attacker to execute arbitrary commands. Highest CVSSv3 score of 9.8
More info.

IBM Cloud Pak for Data Scheduling is vulnerable to multiple ansible-operator and opm vulnerabilities. Highest CVSSv3 score of 9.8
More info.


HP

Patch

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are vulnerable to information disclosure, buffer overflow, and RCE. Highest CVSSv3 score of 8.8
More info. And here. And here.


Tenable

Patch

Tenable Identity Exposure has been updated to fix vulnerabilities in third-party software, ASP.NET Core and Envoy. Highest CVSSv3 score of 9.9
More info. And here.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Wednesday 21 February 2024


VMware

New

Arbitrary Authentication Relay and Session Hijack vulnerabilities exist in the deprecated VMware Enhanced Authentication Plug-in.  Remove plugin. CVSSv3 score of 9.6
More info.


CISA

Patch

The ICSNPP Ethercat Plugin for Zeek, published by CISA, contains 2 vulnerabilities, including OOB Write/Read. CVSSv3 score of 9.8
More info. And here.


Atlassian

Patch

Atlassian has published a security bulletin covering 11 high severity vulnerabilities in their products.
More info.


UI

Patch

A malformed discovery packet sent by a remote attacker could interrupt the functionality of device management and discovery on UniFi AP, UniFi Switch, UniFi LTE Backup and UniFi Express devices. CVSSv3 score of 7.5
More info.


Mozilla

Patch

Mozilla has published security updates for Thunderbird, Firefox, and Firefox ESR, all rated High.
More info.


Google

Patch

Google has updated Chrome for Desktop to fix 12 security vulnerabilities.
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Tuesday 20 February 2024


PostgreSQL

Patch

pgjdbc, the PostgreSQL JDBC driver, allows an attacker to inject SQL if using PreferQueryMode=SIMPLE. CVSSv3 score of 10.
More info.


Mitsubishi
Electric

Patch

A RCE vulnerability due to Microsoft Message Queuing service on Microsoft Windows exists in Electrical discharge machines. A remote attacker can execute malicious code on the product by sending specially crafted packets. CVSSv3 score of 9.8
More info.


ConnectWise

Patch

ConnectWise ScreenConnect has been updated to fix 2 vulnerabilities.  Highest CVSSv3 score of 10.
More info.


HPE

Patch

A security vulnerability in Apache Tomcat impacts HPE IceWall products. A remote attacker could exploit the vulnerability to disclose sensitive information. CVSSv3 score of 5.3
More info.


Zyxel

Patch

Zyxel has released patches addressing multiple vulnerabilities in some firewall and access point (AP) versions. One of the vulnerabilities can allow a remote attacker to achieve RCE. Highest CVSSv3 score of 8.1
More info.


Linux

Patch

Red Hat has updated the kernel and kpatch. More info.
Amazon Linux has updated the kernel. More info.
Amazon Linux 2 has updated the kernel. More info.
Amazon Linux 2023 has updated the kernel. More info.


  

Monday 19 February 2024


BD

Patch

BD has updated Care Coordination Engine and Identity Provider Manager to fix vulnerabilities in third-party software.
More info.


  

Friday 16 February 2024


B&R

Patch

A vulnerability exists in B&R APROL that allows a remote attacker with MitM capabilities to manipulate SSH messages and compromise the integrity of connections. CVSSv3 score of 5.9
More info.


IBM

Patch

QRadar Suite Software includes components with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.

IBM has released updates for IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities were addressed in IBM Application Performance Management. Highest CVSSv3 score of 9.8
More info.  And here.


Dell

Patch

Dell RecoverPoint for Virtual Machines remediation is available for multiple security vulnerabilities. Dell rates this Critical.
 More info.


NetApp

Patch

NetApp has published 11 new bulletins identifying vulnerabilities in third-party software included in their products.  Highest CVSSv3 score of 9.8
Two have patches.
More info.


Tenable

Patch

Security Center has been updated to fix several vulnerabilities. Highest CVSSv3 score of 7.3
More info.


Linux

Patch

Red Hat has updated kpatch. More info.


  

Thursday 15 February 2024


Palo Alto
Networks

Patch

Palo Alto Networks Monthly Patches include 6 bulletins, 5 rated Medium and 1 rated Informational. Highest CVSSv3 score of 6.3
More info.


Node.js

Patch

A security update for Node.js is available that includes fixes for third-party software security vulnerabilities, as well as 5 Node.js specific patches. Of these, 2 are rated High and 3 are rated Medium.
More info.


Contiki-NG

Patch

Contiki-NG, an OS for IoT, contains a vulnerability that allows a remote attacker to trigger out-of-bounds reads.  CVSSv3 score of 8.6
 More info.


BD

Patch

BD has published security patches for Data Agent, Pyxis products, and Alaris products.
More info.


Squid

Patch

Due to a Collapse of Data into Unsafe Value bug, Squid may be vulnerable to a DoS attack against HTTP header parsing. CVSSv3 score of 8.6
More info.


HPE

Patch

A security vulnerability has been identified in HPE SimpliVity Servers using SSH. This vulnerability could allow remote attackers to bypass integrity checks. CVSSv3 score of 5.9
More info.


Linux

Patch

SUSE has updated the kernel. More info.


  

Wednesday 14 February 2024


Microsoft

Exploit

Microsoft Monthly Patches include 80 patches, 5 rated Critical and 2 being exploited. Highest CVSSv3 score of 9.8
More info. And here.

Windows SmartScreen contains a security feature bypass vulnerability rated Moderate, CVSSv3 score of 7.6.  Currently exploited.
More info.

Internet Shortcut Files contains a security feature bypass vulnerability rated Important, CVSSv3 score of 8.1. Currently exploited.
More info.

Microsoft Exchange Server contains an elevation of privilege vulnerability that can be exploited by a remote attacker. Rated Critical. CVSSv3 score of 9.8
More info.

Microsoft Outlook contains a RCE vulnerability rated Critical. CVSSv3 score of 9.8
More info.


Adobe

Patch

Adobe Monthly Patches include updates for Commerce, Substance 3D Painter, Acrobat and Reader, FrameMaker Publishing Server, Audition, and Substance 3D Designer. Highest CVSSv3 score of 9.8
More info.


ISC

Patch

Seven vulnerabilities have been patched in BIND. Highest CVSSv3 score of 7.5.
 More info.


Intel

Patch

Intel has published 34 bulletins for their products.  Highest CVSSv3 score of 8.8
More info.

 Buffer underflow in some Intel PCM software allows a remote attacker to cause a DoS. CVSSv3 score of 7.5
More info.

Insufficiently protected credentials in some Intel Server Product OpenBMC firmware allows a remote attacker to enable information disclosure. CVSSv3 score of 5.3
More info.


HPE

Patch

Security vulnerabilities have been identified in certain HPE ProLiant Servers using AMD EPYC Processors. These vulnerabilities are remotely exploitable via integer underflow, buffer overflow, out of bounds read, infinite loop, predictable TCP initial sequence numbers and weak pseudorandom number generator. Highest CVSSv3 score of 8.3
More info.


F5

Patch

F5 has published 19 bulletins for their products. Several allow a remote attacker to achieve DoS in BIG-IP products.
More info.


Google

Patch

Google has updated Chrome for Desktop to fix 1 security vulnerability.
More info.


Linux

Patch

Ubuntu has updated the kernel. More info.


  

Tuesday 13 February 2024


Siemens

Patch

Siemens Monthly Patches include 15 new bulletins and 8 updated bulletins. Of the new bulletins, the highest CVSSv3 score is 9.8
More info.

SINEC NMS is affected by multiple vulnerabilities. CVSSv3 score of 9.8
More info.

SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities. Highest CVSSv3 score of 9.8
More info.

SCALANCE W1750D devices contain multiple vulnerabilities that could allow a remote attacker to inject commands or exploit buffer overflow vulnerabilities which could lead to sensitive information disclosure, DoS, or RCE. Highest CVSSv3 score of 9.8
More info.

Location Intelligence is affected by a Use of Hard-coded Credentials vulnerability that could allow a remote attacker to obtain full administrative access to the application. CVSSv3 score of 9.8
More info.

Polarion ALM is affected by incorrect default path permissions and improper authentication in the REST API endpoints of DOORS connector. A remote attacker could exploit the vulnerabilities for unauthenticated access. Highest CVSSv3 score of 7.8
More info.

SIMATIC CP 343-1 products incorrectly validate TCP sequence numbers. This could allow a remote attacker to create a DoS by injecting spoofed TCP RST packets. CVSSv3 score of 7.5
More info.

SIDIS Prime is affected by multiple vulnerabilities in the components OPC UA and OpenSSL, that could allow a remote attacker to reuse OPC UA client credentials, create a DoS of the SIDIS Prime OPC UA client, or create a DoS of the SIDIS Prime TLS service. CVSSv3 score of 7.5
More info.

Siemens has released a new version for RUGGEDCOM APE1808 to update Nozomi Guardian. CVSSv3 score of 5.3
More info.


Schneider
Electric

Patch

Schneider Electric has published Monthly Patches with three new bulletins and one updated bulletin. Highest CVSSv3 score of 8.1
More info.

Schneider Electric is aware of multiple vulnerabilities in its EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 PLCs. Highest CVSSv3 score of 8.1
More info.


SAP

Patch

SAP Patch Day includes 13 new Security Notes and 3 updates to previous Security Notes.  Of the new Notes, highest CVSSv3 score of 9.1.  One of the updated Notes is rated CVSSv3 score of 10.
 More info.


Zoom

Patch

Zoom has published 7 new bulletins identifying vulnerabilities in Desktop Client for Windows, VDI Client for Windows, Meeting SDK for Windows, and Clients.  Highest CVSSv3 score of 9.6
More info.


PowerDNS

Patch

An attacker can publish a zone that contains crafted DNSSEC related records that can cause the Recursor’s resource usage to become high, resulting in a DoS. CVSSv3 score of 7.5
More info.


Dell

Patch

Dell Power Protect Data Manager has been updated to fix security vulnerabilities in third-party software.  Dell rates this Critical.
More info.


HIMA

Patch

Several products are vulnerable to a remote attacker using an uncontrolled resource consumption vulnerability to cause a DoS. Highest CVSSv3 score of 7.5
More info.


  

Monday 12 February 2024


Linux

Patch

Oracle Linux has updated the kernel. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.