Skip to main content

CND News and Blog

Categories
Teams
Archives
Categories:   All Categories
Suggested keywords
x

New Vulnerabilities Tuesday 10 May

Vulnerabilities 1214 Hits 0 Comments

Monthly Patches are out for Siemens, Schneider Electric, and SAP. New Alerts for Check Point (ZoneAlarm), Google (Chrome for Android and ChromeOS), Tenable, and Linux.           

Patches for Microsoft and Adobe are expected this afternoon.

Check Point 

Check Point has updated ZoneAlarm Extreme Security to fix a security vulnerability. This is rated Critical.
More info.

Siemens 

Monthly Patches are out for Siemens, with 12 new bulletins and 15 updated bulletins. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities exist in the webserver of SICAM P850 and SICAM P855 devices. These include unauthenticated access to web-interface functionality, missing HTTPS or impersonation as well as cross-site scripting related vulnerabilities. Highest CVSSv3 score of 9.8
More info.

A vulnerability exists in the OPC Foundation Local Discovery Server of several industrial products. A remote attacker could cause a DoS. CVSSv3 score of 7.5
More info.

Desigo PXC3, PXC4, PXC5 and DXR2 devices contain multiple vulnerabilities in the webserver application that could allow an attacker to potentially intercept unencrypted transmission of sensitive information, cause a DoS, or perform RCE. Highest CVSSv3 score of 9.0
More info.

A vulnerability in Desigo DXR and PXC controllers has been identified that could allow an attacker to disable and reset a device to factory state using a DoS. CVSSv3 score of 7.5
More info.

Schneider Electric 

Monthly Patches are out for Schneider Electric with 3 new bulletins and 3 updated bulletins.
More info.

Schneider Electric is aware of multiple vulnerabilities in its Wiser Smart products, including hard-coded credentials, failure to limit authentication attempts, and others. Highest CVSSv3 score of 9.4
More info.

SAP 

SAP Monthly Patches are out with 10 new Security Notes, and 4 updated notes. Of the new Notes, 3 are rated Hot News, 2 rated High, and 5 rated Medium. Highest CVSSv3 score of 9.8
More info.

Google 

Google has published an update for Chrome for Android with 13 security fixes.
More info.

Google has updated ChromeOS with several security fixes.
More info.

Tenable 

Nessus Network Monitor has been updated to fix vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.

Linux 

OpenSUSE has updated rsyslog. More info.
SUSE has updated rsyslog. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts
Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

About the author

michele654

michele654

Subscribe to updates from author Unsubscribe to updates from author michele654
Author's recent posts
More posts from author
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, 23 April 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/