New Alerts for Microsoft Edge, WAGO, SonicWall, GnuPG, Trumpf, Softing, and Linux.
Microsoft
Microsoft has updated Edge to include the latest chromium vulnerability fixes.
More info.
Multiple vulnerabilities exist in Controllers with WAGO I/O-Pro / CODESYS 2.3 Runtime. Highest CVSSv3 score of 9.8
More info. And here.
Multiple products contain a vulnerability that prevents the MAC address filter from being active after restart. A remote unauthenticated attacker is able to circumvent the MAC address filtering after a reboot of a device. CVSSv3 score of 6.5
More info.
SonicWall GMS contains a vulnerability that allows an unauthenticated attacker to gain access to web directory containing the application's binaries and configuration files through file path manipulation vulnerability. CVSSv3 score of 5.3
More info.
A severe bug has been found in [Libksba] , the library used by GnuPG for parsing the ASN.1 structures as used by S/MIME. The bug may be used for remote code execution. CVSSv3 score of 8.1
More info.
Multiple Trumpf Products use default privileged Windows users and passwords. An remote, unauthenticated attacker may use these accounts to remotely gain full access to the system. CVSSv3 score of 9.8
More info.
Several Softing products contain a vulnerability that could allow a malformed write request to cause an excess memory allocation or an out-of-bounds memory access. CVSSv3 score of 7.5
More info.
A use after free vulnerability exists in OPC UA C++ SDK and OPC Suite. If the browse continuation points are exceeded, the server may crash due to a use-after-free error. CVSSv3 score of 7.5
More info.
SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Arch Linux has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page