New Alerts for Trellix, ICL (Exploit), Microsoft, IBM, and Open vSwitch.
Trellix
ePolicy Orchestrator (ePO) contains a vulnerability in APR-util that allows an attacker to write beyond bounds of a buffer. CVSSv3 score of 9.8
More info.
On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 devices, remote attackers can overwrite, delete, or create files. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability. CVSSv3 score of 9.1
ICL is out of business, pull this out of your networks.
More info.
Edge has updated for the latest chromium vulnerabilities.
More info.
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has been patched for vulnerabilities in third-party software.
More info. And here. And here. And here. And here. And here. And here.
Multiple versions of Open vSwitch are vulnerable to crafted IP packets with ip proto set to 0 allowing a remote attacker to cause a DoS.
More info.
Comments