New Alerts for Cisco, Mitsubishi Electric, Endress+Hauser, and Dell.
Cisco
Cisco has published 4 new bulletins, 1 rated Critical and 3 rated Medium. The Critical bulletin identifies static SSH Credentials for root in Unified Communications Manager. CVSSv3 score of 10.
More info.
A DoS vulnerability exists in MELSEC iQ-F series that allows a remote attacker to lockout a legitimate user for a certain period of time by repeatedly attempting to login with an incorrect password. CVSSv3 score of 5.3
More info.
Arbitrary code execution vulnerabilities in 7-Zip allows a remote attacker to execute arbitrary malicious code by getting 7-Zip, which is included in MELSOFT Update Manager, to decompress a specially crafted compressed file. Highest CVSSv3 score of 8.1
More info.
Several vulnerabilities in the Endress+Hauser MEAC300-FNADE4 were discovered that can be accessed via Ethernet. Highest CVSSv3 score of 8.6
More info.
Mozilla has published a bulletin rated High for Thunderbird.
More info.
Dell has published a Critical bulletin for Integrated System for Microsoft Azure Stack Hub.
More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page