Fortinet has put out Monthly Patches. New Alerts for Cisco, OPC, and libssh.
Cisco
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow a remote attacker to execute arbitrary code on an affected device. CVSSv3 score of 9.8 Product is EOL, no updates will be provided.
More info.
A vulnerability in the OPC UA .NET Standard Reference Server allows a remote attacker to send malicious requests that expose sensitive information. CVSSv3 score of 5.3
More info.
A vulnerability in the OPC UA .NET Standard Reference Server allows a remote attacker to send malicious requests that consume all memory available to the server. CVSSv3 score of 7.5
More info.
The authentication check of the connecting client can be bypassed in circumstances of memory allocation problems. CVSSv3 score of 4.2
More info.
FortinetFortinet has published 9 new bulletins, 2 rated High, 4 rated Medium, and 3 rated Low. Highest CVSSv3 score of 7.8
More info.
A weak authentication vulnerability in FortiNAC device registration page may allow an unauthenticated attacker to perform password spraying attacks with an increased chance of success. CVSSv3 score of 5
More info.
A use of a weak cryptographic algorithm vulnerability in FortiNAC may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks. CVSSv3 score of 3.8
More info.
