New Alerts for Cisco, Mitsubishi Electric, Endress+Hauser, and Dell.

Cisco

Cisco has published 4 new bulletins, 1 rated Critical and 3 rated Medium. The Critical bulletin identifies static SSH Credentials for root in Unified Communications Manager. CVSSv3 score of 10.
More info.

Mitsubishi Electric

A DoS vulnerability exists in MELSEC iQ-F series that allows a remote attacker to lockout a legitimate user for a certain period of time by repeatedly attempting to login with an incorrect password. CVSSv3 score of 5.3
More info.

Arbitrary code execution vulnerabilities in 7-Zip allows a remote attacker to execute arbitrary malicious code by getting 7-Zip, which is included in MELSOFT Update Manager, to decompress a specially crafted compressed file. Highest CVSSv3 score of 8.1
More info.

Endress+Hauser

Several vulnerabilities in the Endress+Hauser MEAC300-FNADE4 were discovered that can be accessed via Ethernet. Highest CVSSv3 score of 8.6
More info.

Mozilla

Mozilla has published a bulletin rated High for Thunderbird.
More info.

Dell

Dell has published a Critical bulletin for Integrated System for Microsoft Azure Stack Hub.
More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts