New Alerts for Veritas, Palo Alto Networks (Exploit), Dell, HPE, and Citrix (Exploit).

Veritas 

Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP ports can be exploited due to vulnerabilities that are inherent to the .NET Remoting service. A remote attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. CVSSv3 score of 9.8
Note the pre-requisites.
More info.

Palo Alto Networks Exploit

Palo Alto Networks has observed threat activity exploiting a previously reported unauthenticated remote command execution vulnerability against a limited number of firewall management interfaces which are exposed to the Internet. CVSSv4 score of 9.3
No patches yet.
More info.

Dell 

Dell has published Critical security updates for Connectrix Cisco MDS 900 Series and PowerProtect Data Manager.
More info.

HPE 

Security vulnerabilities have been identified in Unified OSS Console (UOC) and Unified OSS Console Assurance Monitoring (UOCAM). Highest CVSSv3 score of 6.1
More info.

Citrix Exploit

WatchTowr has reported a vulnerability in Virtual Apps and Desktops. An exposed MSMQ instance can be exploited, via HTTP, to enable a remote attacker to achieve RCE. Highest CVSSv3 score of 9.8
No patches yet, actively exploited.
More info. And here.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts