New Alerts for SolarWinds, Philips, Mitsubishi Electric, Microsoft Edge, Bosch, Ivanti, and Linux.
SolarWinds
Access Rights Manager has been updated and fixes 13 vulnerabilities. Highest CVSSv3 score of 9.6
Note ZDI rates several vulnerabilities at 10
More info.
Vue PACS contains several vulnerabilities, including: Out-of-bounds Write, Deserialization of Untrusted Data, Uncontrolled Resource Consumption, Use of Default Credentials, Exposure of Sensitive Information to an Unauthorized Actor. Highest CVSSv4 score of 9.3
Upgrades have been available since 2023, however this is the first reporting of this issue.
More info. And here.
A DoS vulnerability due to OpenSSL vulnerability exists in MELSOFT MaiLab. A remote attacker can cause a DoS by sending a specially crafted message authentication code. CVSSv3 score of 5.9
More info.
Microsoft has updated Edge with the latest Chromium updates.
More info.
PRC7000 firmware uses OpenSSH, and is vulnerable to RCE.
More info.
Endpoint Manager for Mobile has been updated to fix several vulnerabilities. Highest CVSSv3 score of 8.8
More info.
SUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page
SecurityWizardry.com - Vulnerability Details