Monthly Patches are out for Fortinet. New Alerts for Hitachi Energy, Hitachi, Zyxel, and WithSecure.
I expected Qualcomm, Samsung, and Android patches today. They may come this afternoon, or not until next week because of the Monday holiday.
Hitachi Energy
Hitachi Energy AFS660/AFS665 series contains a security vulnerability that could allow an attacker to fully compromise the target device. CVSSv3 score of 9.8
More info.
Hitachi Energy MicroSCADA Pro/X SYS600 products contain security vulnerabilties in the product as well as open source software included with the product. Highest CVSSv3 score of 8.5
More info. And here.
Cosminexus XML Processor contains a vulnerability in Apache Xerces Java. CVSSv3 score of 6.5
More info.
Fortinet Monthly Patches are out, with 12 new bulletins. One rated High, 9 rated Medium, and 1 rated Low.
More info.
An improper verification of source of a communication channel vulnerability in FortiOS may allow a remote and unauthenticated attacker to trigger the sending of "blocked page" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim. CVSSv3 score of 6.6
More info.
A format string vulnerability was found in a specific binary of Zyxel NAS products that could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet. CVSSv3 score of 9.8
Only supported products are patched.
More info.
A DoS vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing the scanning request. The exploit can be triggered remotely by an attacker.
More info.
Comments