CND News and Blog

New Vulnerabilities Tuesday 08 November


Monthly Patches are out for Siemens, Schneider Electric, Qualcomm, Google Android, Google Pixel, Samsung, and SAP. New Alerts for NETGEAR and Linux.       

This afternoon Microsoft and Adobe Monthly Patches should be out.  Tomorrow is Palo Alto Networks.


Schneider Electric 

Monthly Patches are out, with 1 new bulletin and 5 updated bulletins.
More info.

Schneider Electric is aware of multiple vulnerabilities in its NetBotz 4 - 355/450/455/550/570 products. Highest CVSSv3 score of 8.8
More info.

Siemens 

Siemens Monthly Patches include 17 bulletins, 9 new bulletins and 8 updated bulletins. Highest CVSSv3 score of 9.9
More info.

RUGGEDCOM ROS-based V4 devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends. CVSSv3 score of 5.3
More info.

SICAM Q100 devices contain multiple vulnerabilities that could allow an attacker to take over the session of a logged in user or to inject custom code. Highest CVSSv3 score of 9.9
More info.

The SCALANCE W1750D device contains multiple vulnerabilities that could allow an attacker to inject commands or exploit buffer overflow vulnerabilities which could lead to DoS, unauthenticated RCE, or stored XSS. Highest CVSSv3 score of 9.8
More info.

Qualcomm 

Qualcomm Monthly Patches include 12 vulnerabilities, 1 rated Critical, 8 rated High, and 3 Medium. Highest CVSSv3 score of 9.8
More info.

Google 

Google Android Monthly Patches include 19 vulnerabilities, all rated High, plus Imagination Technologies, Mediatek, Qualcomm, and Unisoc component updates.
More info.

Google Pixel has two additional vulnerabilities rated High, plus Android and Qualcomm updates.
More info.

Samsung 

Samsung has published 26 SVEs, along with Google Android patches.
More info.

SAP 

SAP Security Patch Day saw the release of 9 new Security Notes and 2 updated Security Notes. Of the new Notes, 2 are rated Hot News, 2 rate High, and 5 rated Medium. Highest CVSSv3 score of 9.9
More info.

NETGEAR 

NETGEAR has publsihed 59 new bulletins. Highest CVSSv3 score of 8.8
More info.

Linux 

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, 08 December 2022

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Are You Ready To Find Out More?

Arrange a Chat With Our Friendly Service Delivery Team.