Monthly Patches are out for MediaTek. New Alerts for GE Digital, IBM, and Dell.
Monthly Patches for Qualcomm are expected this afternoon, and tomorrow should bring Monthly Patches for Google Android, Samsung, and Quarterly Patches for Splunk.
GE Digital
GE Digital Proficy Historian Software contains Authentication, Access Control and File Upload vulnerabilities that could be exploited to bypass authentication, authenticate and perform file operations on remote server machine, and view/change data while transferring between client/collector machine and server machine.
More info.
MediaTek has published monthly patches with 22 fixed vulnerabilities, 1 rated High and the rest Medium.
More info.
Vulnerabilities have been identified in Spring Framework, OpenSSL and Apache HTTP Server shipped with the DS8000 Hardware Management Console (HMC). Highest CVSSv3 score of 9.8
More info.
Dell has patched the 2021 Apache Struts vulnerability in Avamar Server and Avamar Virtual Edition. CVSSv3 score of 9.8
More info.
Dell has patched third-party software components included in Dell Avamar, Dell NetWorker Virtual Edition, and Dell PowerProtect DP Series Appliance or Dell Integrated Data Protection Appliance. Dell rates this Critical.
More info.
EMC NetWorker is vulnerable to an unauthenticated RCE vulnerability in the NetWorker Client execution service (nsrexecd) when oldauth authentication method is used. Dell rates this High, CVSSv3 score of 7.5
More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page