New Alerts for Cisco, Mitsubishi Electric, Meinberg, Elvaco, LCDS, and Linux.
Cisco
Cisco has published 3 new bulletins. Highest CVSSv3 score of 8.2
More info.
Multiple vulnerabilities in Cisco ATA 190 Series Analog Telephone Adapter firmwarecould allow a remote attacker to delete or change the configuration, execute commands as the root user, conduct a XSS attack, view passwords, conduct a CSRF attack, or reboot the device. Highest CVSSv3 score of 8.2
More info.
CNC Series products contain an Improper Validation of Specified Quantity in Input vulnerability, that could allow a remote attacker to cause a DoS. CVSSv3 score of 5.9
More info. And here.
Multiple vulnerabilities exist in GENESIS64 and MC Works64 that could allow a remote attacker to cause a DoS, execute malicious code, or bypass authentication. Highest CVSSv3 score of 7.0
More info.
The LANTIME firmware has been updated to include security fixes for several libraries and programs.
More info.
M-Bus Metering Gateway CMe3100 contains several vulnerabilities, including Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, and Insufficiently Protected Credentials. Highest CVSSv4 score of 9.2
No response from vendor.
More info.
LAquis SCADA contains a Cross-site Scripting vulnerability that could allow an attacker to steal cookies, inject arbitrary code, or perform unauthorized actions. CVSSv4 score of 7.0
More info.
Ubuntu has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page