New Alerts for Trellix, ICL (Exploit), Microsoft, IBM, and Open vSwitch.

Trellix 

ePolicy Orchestrator (ePO) contains a vulnerability in APR-util that allows an attacker to write beyond bounds of a buffer. CVSSv3 score of 9.8
More info.

ICL Exploit

On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 devices, remote attackers can overwrite, delete, or create files. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability. CVSSv3 score of 9.1
ICL is out of business, pull this out of your networks.
More info.

Microsoft 

Edge has updated for the latest chromium vulnerabilities.
More info.

IBM 

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has been patched for vulnerabilities in third-party software.
More info. And here. And here. And here. And here. And here. And here.

Open vSwith

Multiple versions of Open vSwitch are vulnerable to crafted IP packets with ip proto set to 0 allowing a remote attacker to cause a DoS.
More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts