New Alerts for Microsoft Edge, Synology, Kieback&Peter, Spring, Belden, OPC Foundation, Hikvision, Moxa, and NetApp.
Microsoft
Microsoft has updated Edge to include the latest chromium fixes and 9 Edge-specific vulnerabilities.
More info.
Synology Camera BC500, TC500, and CC400W contain vulnerabilities that allow remote attackers to execute arbitrary code, bypass security constraints and conduct DoS attacks. Synology rates this Critical.
More info.
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of Synology BeeStation Manager. Synology rates this Critical.
More info.
DDC4000 Series contains Path Traversal, Insufficiently Protected Credentials, and Use of Weak Credentials vulnerabilities, that allows a remote attacker to gain full administrator rights on the system. Highest CVSSv4 score of 9.3
This product line is considered EOL.
More info.
Spring has been updated to fix 2 vulnerabilities. Highest CVSSv3 score of 7.5
More info.
A vulnerability in HiLCOS web interface allows a remote attacker to trigger a DoS. CVSSv3 score of 7.0
More info.
A vulnerability in the OPC UA .NET Standard Stack allows a remote attacker to trigger a gradual degradation in performance. CVSSv3 score of 5.3
More info.
Several vulnerabilities have been fixed in HikCentral Master Lite and Professional. Highest CVSSv3 score of 7.2
More info.
MXsecurity Series is affected by two vulnerabilities, included hardcoded credentials and exposed functions. CVSSv3 score of 5.3
More info.
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8
No patches yet.
More info.
