Skip to main content

CND News and Blog

New Vulnerabilities Thursday 16 October


New Alerts for Cisco, Mitsubishi Electric, Meinberg, Elvaco, LCDS, and Linux.

Cisco 

Cisco has published 3 new bulletins. Highest CVSSv3 score of 8.2
More info.

Multiple vulnerabilities in Cisco ATA 190 Series Analog Telephone Adapter firmwarecould allow a remote attacker to delete or change the configuration, execute commands as the root user, conduct a XSS attack, view passwords, conduct a CSRF attack, or reboot the device. Highest CVSSv3 score of 8.2
More info.

Mitsubishi Electric 

CNC Series products contain an Improper Validation of Specified Quantity in Input vulnerability, that could allow a remote attacker to cause a DoS. CVSSv3 score of 5.9
More info. And here.

Multiple vulnerabilities exist in GENESIS64 and MC Works64 that could allow a remote attacker to cause a DoS, execute malicious code, or bypass authentication. Highest CVSSv3 score of 7.0
More info.

Meinberg 

The LANTIME firmware has been updated to include security fixes for several libraries and programs.
More info.

Elvaco 

M-Bus Metering Gateway CMe3100 contains several vulnerabilities, including Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, and Insufficiently Protected Credentials. Highest CVSSv4 score of 9.2
No response from vendor.
More info.

LCDS 

LAquis SCADA contains a Cross-site Scripting vulnerability that could allow an attacker to steal cookies, inject arbitrary code, or perform unauthorized actions. CVSSv4 score of 7.0
More info.

Linux 

Ubuntu has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/