Monthly Patches are out for MediaTek. New Alerts for Bosch, F5, NetApp, and Western Digital.
Tomorrow is Mobile Monthly Patch day, and Splunk Quarterly Patches.
Bosch
Multiple vulnerabilities were identified in BF-OS used by Bigfish V3 and PR21 (Energy Platform) devices and Bigfish VM image, which are part of the data collection infrastructure of the Energy Platform solution. The most critical vulnerability may allow a remote attacker to gain administrative privileges to the device by brute-forcing a weak password. Highest CVSSv3 score of 9.8
More info.
MediaTek has published their monthly patches, with 1 vulnerability rated High and 24 Medium. These will become part of tomorrow's Mobile Patch Day updates.
More info.
F5OS-A, F5OS-C, and Traffix SDC contain a vulnerability in apache httpd that could allow a remote attacker to bypass IP-based authentication to access the data plane. CVSSv3 score of 7.3
More info.
NetApp has published 10 new bulletins identifying security vulnerabilities in third-party software included in their products. No patches yet.
More info.
Sweet B cryptographic library generates incorrect output under certain conditions. A remote attacker may cause a DoS.
More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page