By michele654 on Friday, 27 October 2023
Category: Vulnerabilities

New Vulnerabilities Friday 27 October


New Alerts for Sielco (Exploit), Dingtian (Exploit), F5, BD, and IBM.

Sielco Exploit

Sielco PolyEco1000 contains several vulnerabilities, including Session Fixation, Improper Restriction of Excessive Authentication Attempts, and Improper Access Control. Highest CVSSv3 score of 9.8.
No response from vendor, exploit exists.
More info.

Analog FM Transmitters and Radio Link contain several vulnerabilities, including Improper Access Control, Cross-Site Request Forgery, and Privilege Defined with Unsafe Actions. Highest CVSSv3 score of 9.8.
No response from vendor, exploit exists.
More info.

Dingtian Exploit

DT-R002 contains a vulnerability that allows Authentication Bypass by Capture-Replay. CVSSv3 score of 5.9.
No response from vendor, exploit exists.
More info.

F5 

The BIG-IP Configuration utility contains an RCE vulnerability that allows a remote attacker with access to the control plane to execute arbitrary system commands. CVSSv3 score of 9.8.
More info.

BD 

BD has published updates for Alaris PCU and Alaris System with Guardrails Suite MX.
More info.

IBM 

IBM UrbanCode has been updated to address multiple vulnerabilities in third-party software. Highest CVSSv3 score of 9.8.
More info. And here.

IBM QRadar SIEM has been updated to address multiple vulnerabilities in third-party software. Of note is the Apache Log4j vulnerability from 2019. Highest CVSSv3 score of 9.8.
More info.
