New Alerts for HP, Omron (Exploit), Google Chrome (Exploit), and Microsoft Edge (Exploit.)
Tomorrow is Oracle Quarterly Patches, the pre-release is out, see the link below.
HP
HP Device Manager could potentially allow command injection and/or elevation of privileges. Highest CVSSv3 score of 9.8
More info.
FINS is a protocol used in Omron equipment networks. FINS does not support encryption or authentication, allowing a remote attacker complete access. There will be no updates, disable FINS, don't put your ICS gear on the Internet.
More info.
CS/CJ series Programmable Controllers contain a missing authentication vulnerability. A remote attacker may access the file system provided by the CPU Unit without authenticatio and obtain available sensitive information. CVSSv3 score of 7.5
More info.
Google has updated Chrome for Desktop to include 2 security fixes, one of which is being exploited.
More info.
Microsoft has updated Edge with the fix for the exploited vulnerability in chromium.
More info.
https://www.oracle.com/security-alerts/ Pre-release Announcement for Oracle Quarterly patches.
Comments