New Alerts for Mitsubishi Electric, NetApp, and Linux.
MoveIT Transfer has identified a Critical vulnerability that allows unauthorized access to the environment.
Mitsubishi Electric
Multiple vulnerabilities exist in MELSEC iQ-R Series/iQ-F Series EtherNet/IP modules and EtherNet/IP configuration tools. Due to improper handling of the password for the FTP function a remote attacker may connect to the module via FTP and bypass authentication. Highest CVSSv3 score of 7.5
More info.
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8
Five have patches.
More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
MoveIT
More info.