Monthly Patches are out for Juniper Networks. New Alerts for Ivanti (Exploit), Cisco, Palo Alto Networks, IBM, Dell, and Linux.
Ivanti Exploit
Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways has been updated to fix 1 Critical and 1 High vulnerability, the worst of which allows a remote attacker to achieve RCE. CVSSv3 score of 9.0
More info. And here. And here. And here.
A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. CVSSv3 score of 4.8
More info.
Multiple vulnerabilities in the Expedition migration tool allow a remote attacker to read database contents and arbitrary files as well as create and delete arbitrary files, including information such as usernames, cleartext passwords, device configurations, and device API keys. Highest CVSSv4 score of 7.8
More info.
The Prisma browser has been updated with chromium patches. CVSSv4 score of 8.6
More info.
Juniper Monthly Patches (?) includes 10 new bulletins, with updates for Junos OS, Junos Space, Junos OS Evolved. Highest CVSSv3 score of 9.8
More info.
IBM has published a Critical bulletinf or Application Performance Management.
More info.
Dell has published a Critical bulletin for VxRail.
More info.
Ubuntu has updated the kernel. More info.
Alma Linux has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page