Monthly Patches are out for Juniper Networks. New Alerts for Ivanti (Exploit), Cisco, BD, and NVIDIA.
Ivanti Exploit
Vulnerabilities have been discovered in Ivanti Connect Secure (ICS). These vulnerabilities used together allow a remote attacker to craft malicious requests and execute arbitrary commands on the system. Highest CVSSv3 score of 9.1
Patches in two weeks or so, mitigation is available.
More info. And here.
Cisco has published 7 new bulletins, 1 rated Critical and the rest Medium. Highest CVSSv3 score of 7.3
More info.
A vulnerability in the web-based management interface of Cisco Unity Connection could allow a remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system. CVSSv3 score of 7.3, although this is rated Critical.
More info.
Juniper Monthly Patches are out with 27 bulletins, 4 rated Critical, 9 rated High, and 14 rated Medium. Highest CVSSv3 score of 10.
More info.
CTPView contains multiple vulnerabilities in 3rd party libraries. Highest CVSSv3 score of 9.8
More info.
An OOB Write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows a remote attacker to cause a DoS, or RCE and obtain root privileges on the device. CVSSv3 score of 9.8
More info.
Security Director Insights addresses multiple vulnerabilities in 3rd party libraries. Highest CVSSv3 score of 10.
More info.
Multiple vulnerabilities have been resolved in Juniper Networks Session Smart Router by updating third-party components. Highest CVSSv3 score of 9.8
More info.
BD has published security updates for FACSMelody.
More info.
NVIDIA has released a firmware security update for the NVIDIA DGX A100 and H100 system. Highest CVSSv3 score of 9.3
More info.
Comments