New Alerts for ManageEngine, ProPump & Controls, SAUTER, IBM, Xerox, Tenable, and Linux.

ManageEngine 

ManageEngine ADSelfService Plus pertains to an OTP–brute-force issue in the Password Sync Agent that could affect integrated third-party applications. Attackers could exploit this vulnerability using specialized, highly sophisticated machines to reset passwords and take control over integrated third-party applications. This is rated High.
More info.

ProPump & Controls 

Osprey Pump Controller contains several vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, retrieve sensitive information, modify data, cause a denial-of-service, and/or gain administrative control. Highest CVSSv3 score of 9.8
No response from ProPump and Controls.
More info.

SAUTER 

SAUTER EY-modulo 5 Building Automation Stations contains multiple vulnerabilities. Successful exploitation of these vulnerabilities could lead to privilege escalation, unauthorized execution of actions, a DoS, or retrieval of sensitive information. Highest CVSSv3 score of 8.8
No patch will be available because encryption is not supported.
More info.

IBM 

Spectrum Protect Plus contains security vulnerabilities in third-party software included in the product. Highest CVSSv3 score of 10
More info.

Xerox 

Xerox has updated third-party software in several of their Print Server products.
More info.

Tenable 

Tenable.sc has been updated with fixes for multiple vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.

Linux 
Ubuntu has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.