New Alerts for Rockwell Automation, Docker, Spring (VMware), NetApp, Extreme Networks, Zoom, and Linux.
Rockwell Automation
5015-U8IHFT contains a DoS vulnerability with a malformed CIP Message. CVSSv4 score of 8.7
More info.
FactoryTalk Batch View contains an authentication bypass vulnerability due to shared secrets. CVSSv4 score of 9.2
More info.
FactoryTalk View Site Edition contains an RCE vulnerability. CVSSv4 score of 9.2
More info.
ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380 are vulnerable to DoS. CVSSv4 score of 8.7
More info.
Docker Desktop has been updated to fix 2 security vulnerabilities that allow RCE. Highest CVSSv4 score of 9.0
More info.
Spring Framework has been updated to fix a Path Traversal vulnerability. CVSSv3 score of 7.5
More info. And here.
NetApp has published 12 bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8
Five have patches.
More info.
Extreme Networks has published 3 months of vulnerability bulletins, 38 in total. CVSSv3 score of 8.1
More info.
regreSSHion Vulnerability in OpenSSH Server affects several Extreme Networks products. CVSSv3 score of 8.1
More info.
Apache Tomcat DoS in HTTP/2 Connector affects several Extreme Networks products. CVSSv3 score of 5.3
More info.
Amazon Corretto vulnerabilities have been addressed in several Extreme Networks products. CVSSv3 score of 7.4
More info.
A business logic error in some Zoom Workplace Apps may allow a remote attacker to disclose information. CVSSv3 score of 5.3
More info.
SUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page