New Alerts for Microsoft SharePoint (Exploit), Sophos Firewall, Helmholz, MB connect, BD, PowerDNS, and Linux.
Microsoft Exploit
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows a remote attacker to execute code over a network. Microsoft is aware that an exploit exists in the wild. Note that public exploits were announced 19 July, patches were published 20 July. CVSSv3 score of 9.8
More info. And here.
Sophos has resolved five security vulnerabilities in Sophos Firewall, 2 rated Critical, 2 rated High, 1 rated Medium. Highest CVSSv3 score of 9.8
More info.
Multiple vulnerabilities in all REX 100 devices allow an attacker to gain full control over the device. Highest CVSSv3 score of 7.2
More info.
Multiple vulnerabilities in all mbNET.mini devices allow a remote attacker to gain full control over the device. Highest CVSSv3 score of 7.2
More info. And here.
BD has published security patches in Pyxis, Data Agent, CCE, Alaris, Kiestra TLA/WCA, Kiestra TLA Track, Kiestra ReadA, and Kiestra InoqulA.
More info.
PowerDNS has patched a security vulnerability where a Recursor configured to send out ECS enabled queries can be sensitive to spoofing attempts. CVSSv3 score of 7.5
More info.
Red Hat has updated the kernel and kernel-rt. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page