New Alerts for Xerox, Eaton, Carrier, Apple, IBM, Rockwell Automation, and Veritas.
Xerox
Xerox FreeFlow Print Server v7 and v9 have been updated with Oracle October 2022 patches. CVSSv3 score of 10, according to CERT Bund.
More info. And here.
Form 7 recloser control and Proview NXG use CODESYS components. Eaton has published a bulletin identifying vulnerabilites from 2021 and 2022 in their products due to CODESYS. A remote attacker could download and execute malicious code, cause a DoS, or cause a device to restart unexpectedly.
More info.
LenelS2's OnGuard platform is vulnerable to a Client Authentication Bypass vulnerability in Erlang/OTP through the installation/use of RabbitMQ. CVSSv3 score of 9.8
More info.
Apple has published a security update for iOS, but no details are available yet.
More info.
IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of GnuPG. Highest CVSSv3 score of 9.8
More info.
IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Expat, SQlite, libxml2, Libksba, zlib and GnuTLS. Highest CVSSv3 score of 9.8
More info.
FactoryTalk Live Data Communication Module is vulnerable to a MitM attack. CVSSv3 score of 5.9
More info.
Access Appliance and NetBackup Flex Scale are vulnerable to an unauthenticated command injection vulnerability. CVSSv3 score of 9.8
More info.
Comments