Monthly Patches are out for Siemens, Schneider Electric, and SAP. New Alerts for Apple (Exploit), IBM, Mozilla, BD, and Linux.
Monthly Patches for Microsoft and Adobe are expected this afternoon.
Siemens
Siemens Monthly Patches are out, with 5 new bulletins and 12 updated bulletins. Of the new bulletins, highest CVSSv3 score of 9.8
More info.
Devices based on RUGGEDCOM ROX contain multiple high severity vulnerabilities. Highest CVSSv3 score of 9.8
More info.
SiPass integrated contains a stack overflow vulnerability that could allow a remote attacker to crash the server application, creating a DoS. CVSSv3 score of 7.5
More info.
SIMATIC MV500 devices are affected by multiple vulnerabilities in the web server and several third-party components. Highest CVSSv3 score of 9.8
More info.
Schneider Electric Monthly Patches include 4 new bulletins and 4 updated bulletins. Highest CVSSv3 score of new bulletins is 8.8
More info.
SAP Monthly Patches includes 16 new Security Notes and 2 updates. Of the new notes, 1 is rated Hot News, 6 are rated High, and 9 are rated Medium. Highest CVSSv3 score of 9.1
More info.
Apple has published updates for Safari, iOS and iPadOS, and macOS (RSR patches) for a WebKit vulnerability that could allow code execution. This is actively exploited.
More info.
IBM Watson Assistant for IBM Cloud Pak for Data has addressed vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info. And here. And here.
Mozilla has published an update for FIrefox and Firefox ESR rated High.
More info.
BD has published security patches that include Microsoft and third-party software updates for IDM, Alaris, Data Agent, and Pyxis product.
More info.
SUSE has updated the kernel. More info.
Red Hat has updated the kernel and kpatch. More info.
