New Alerts for ManageEngine, ProPump & Controls, SAUTER, IBM, Xerox, Tenable, and Linux.
ManageEngine
ManageEngine ADSelfService Plus pertains to an OTP–brute-force issue in the Password Sync Agent that could affect integrated third-party applications. Attackers could exploit this vulnerability using specialized, highly sophisticated machines to reset passwords and take control over integrated third-party applications. This is rated High.
More info.
Osprey Pump Controller contains several vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, retrieve sensitive information, modify data, cause a denial-of-service, and/or gain administrative control. Highest CVSSv3 score of 9.8
No response from ProPump and Controls.
More info.
SAUTER EY-modulo 5 Building Automation Stations contains multiple vulnerabilities. Successful exploitation of these vulnerabilities could lead to privilege escalation, unauthorized execution of actions, a DoS, or retrieval of sensitive information. Highest CVSSv3 score of 8.8
No patch will be available because encryption is not supported.
More info.
Spectrum Protect Plus contains security vulnerabilities in third-party software included in the product. Highest CVSSv3 score of 10
More info.
Xerox has updated third-party software in several of their Print Server products.
More info.
Tenable.sc has been updated with fixes for multiple vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.