Monthly Patches are out for Siemens, Schneider Electric, and SAP. New Alerts for Tanzu, WAGO, Rockwell Automation, and Linux. Monthly patches for Microsoft and Adobe are expected this afternoon.
Siemens
Monthly Patches for Siemens include 7 new and 13 updated bulletins. Of the new bulletins, highest CVSSv3 score of 9.8
More info.
Schneider Electric Monthly Patches include 2 new and 4 updated bulletins. Of the new bulletins, Highest CVSSv4 score of 5.8
More info.
SAP has published Monthly Patches with 21 new and 4 updated Security Notes, 4 rated Critical, 4 High, 14 Medium, and 3 Low. Highest CVSSv3 score of 10.
More info.
Broadcom has published 28 bulletins for Tanzu products, all rated Critical.
More info.
A DoS vulnerability exists in WAGO PFC200 and WAGO PFC100 Firmware, included in many WAGO products. A single packet can cause a DoS and weaken credentials resulting in the default documented credentials being applied to the device. CVSSv3 score of 9.1. No patch, disable the port. Note this is a 2019 CVE.
More info.
Rockwell Automation has published 8 new bulletins for FactoryTalk Analytics LogixAI, ControlLogix, Stratic IOS, 1783-NATR, ThinManager, FactoryTalk Optix, FactoryTalk Activation Manager, and CompactLogix. Highest CVSSv4 score of 8.7
More info.
Oracle Linux has updated the kernel. More info.
AlmaLinux has updated the kernel-rt. More info.
Amazon Linux 2023 has updated the kernel. More info.
