Skip to main content

CND News and Blog

New Vulnerabilities Thursday 22 December


New Alerts for Synology, Mitsubishi Electric, Hikvision, IBM, and Western Digital.

Synology 

Multiple vulnerabilities allow remote attackers to execute arbitrary command, conduct denial-of-service attacks or read arbitrary files via a susceptible version of Synology Router Manager (SRM). CERT Bund rates this CVSSv3 score of 10.
More info.

Mitsubishi Electric 

A DoS vulnerability due to improper resource shutdown or release exists in MELSEC iQ-R, iQ-L series CPU module and MELIPC series. This vulnerability allows a remote attacker to cause a DoS condition in Ethernet communication on the module by sending specially crafted packets. CVSSv3 score of 7.5
More info.

Hikvision 

The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices. CVSSv3 score of 9.1
More info.

IBM 

Security vulnerabilities in Node.js affect IBM Cloud Pak for Multicloud Management Managed Services. CVSSv3 score of 9.8
More info. And here.

Security vulnerabilities in Apache MINA SSHD and Scala affect IBM Tivoli Netcool Impact. CVSSv3 score of 9.8
More info. And here.

Western Digital 

Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an information disclosure that could allow an unauthenticated attacker to gain access to user data.
More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 29 March 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/