Skip to main content

CND News and Blog

New Vulnerabilities Friday 14 February


New Alerts for mySCADA, Dingtian, Broadcom, WatchGuard, Outback Power, IBM, and Linux.

mySCADA 

myPRO Manager contains several vulnerabilities that could allow a remote attacker to execute arbitrary OS commands, upload files, and obtain sensitive information without providing associated credentials. Highest CVSSv4 score of 10.
More info.

Dingtian 

DT-R0 Series contains a vulnerability that could allow a remote attacker to modify the device settings and gain administrator access. CVSSv4 of 9.3
More info.

Broadcom 

Several bulletins have been published for Brocade SANnav, including weak TLS Ciphers, encryption key in the debug logs, and an issue in the Docker implementation. Highest CVSSv4 score of 8.6
More info.

WatchGuard 

An Improper Input Validation vulnerability in Fireware OS allows a remote attacker to redirect users to malicious websites, poison the web cache, or inject malicious JavaScript into responses sent by the Web UI. CVSSv4 score of 5.1
More info.

Outback Power 

Mojave Inverter contains several vulnerabilities that could allow a remote attacker to access sensitive data or inject commands. Highest CVSSv4 score of 8.7
No patch, they may discontinue the product, disable networking features.
More info.

IBM 

IBM has published a Critical bulletin for Operational Decision Manager for Jan 2025. Highest CVSSv3 score of 9.1
More info.

Linux 

Alpine Linux has published new versions. More info.
AlmaLinux has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/