Monthly Patches are out for Qualcomm and MediaTek. New Alerts for Bouncy Castle, Linksys (0-Day), Moxa, Westermo, and Linux.

Bouncy Castle 

Several security vulnerabilities have been patched in the latest version of Bouncy Castle.
More info.

Linksys 0-Day

Two critical security vulnerabilities have been disclosed in Linksys E5600 routers, allowing for command injections due to insufficient input validation. Highest CVSSv3 score of 9.8
No patches are available.
More info.

Qualcomm 

Qualcomm Monthly Patches are out with 9 addressed vulnerabilities, 1 rated Critical 7 rated High and 1 rated Medium. Highest CVSSv3 score of 8.4
More info.

MediaTek 

MediaTek Monthly Patches are out with 10 vulnerabilities, 4 rated High and 6 rated Medium.
More info.

Moxa 

The NPort 5100A Series is affected by a web server vulnerability that allows remote attackers to get sensitive information and escalate privileges. CVSSv3 score of 8.3
More info.

Westermo 

EDW-100 contains 2 vulnerabilities including a hidden root user with a hardcoded password and insufficient authentication allowing a remote attacker to read the config file with the plaintext password. CVSSv3 score of 9.8
Mitigation and replacement are the correction options.
More info.

Linux 

OpenSUSE has updated the kernel. More info.
Red Hat has updated kpatch. More info.
Gentoo Linux has updated systemd. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts