New Alerts for Microsoft (0-Day, Acropalypse), Cisco, Varta Storage, Meinberg, OpenSSL, and Philips.
Microsoft 0-Day
The vulnerability dubbed "Acropalypse", originally identified and fixed in Pixel, has now cropped up (see what we did there) in Windows 11's Snipping Tool and Windows 10's Snip & Sketch tool. When a saved screenshot is edited and resaved, parts of the original image are recoverable.
Cisco has published 18 new bulletins, 9 rated High and 11 rated Medium. Highest CVSSv3 score of 8.6.
A remote attacker can cause a DoS through various functions of the XE Software. Highest CVSSv3 score of 8.6.
Hard-coded credentials in the Web-UI of multiple VARTA Storage products allow an unauthorized attacker to gain administrative access to the Web-UI over the network. CVSSv3 score of 9.1.
No patch yet.
LANTIME firmware has been updated to fix vulnerabilities in third-party software.
A DoS vulnerability in certificate chains has been patched.
Philips has identified 5 products that are vulnerable to the recently patched RCE vulnerabilities in Microsoft. They are working on mitigation.