Monthly Patches are out for Siemens, Schneider Electric, and SAP. New Alerts for Apple (Exploit), Phoenix Contact, and Hitachi Energy.
Monthly Patches are expected for Microsoft and Adobe this afternoon, and Quarterly Patches for Splunk are expected today.
Apple Exploit
Apple released updates for Safari, iOS, iPadOS, MacOS, tvOS, and watchOS. At least one vulnerability in WebKit is already being exploited.
More info.
PLCnext Firmware has been updated to fix multiple vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info. And here.
Siemens Monthly Patches are out with 13 new bulletins and 9 updated. Highest CVSSv3 score of 10.
More info.
COMOS is affected by memory corruption vulnerability in the cache validation service that could allow an attacker to execute arbitrary code or cause a DoS. CVSSv3 score of 10.
Monthly Patches for Schneider Electric include 3 new bulletins and 7 updated bulletins. The actual bulletins aren't available yet.
More info.
Hitachi Energy has published 10 new bulletins identifying a DoS vulnerability in the IEC 61850 communication stack used in their products. CVSSv3 score of 5.9
More info.
Multiple vulnerabilities in the Gateway Station (GWS) could allow a remote attacker to cause part of
GWS fail to start, unauthorized actor to run scripts, and may cause a DoS. Highest CVSSv3 score of 7.5
More info. And here.
SAP Patch Day includes 21 new Security Notes and 5 updates. Of the new notes, 3 are rated High, and 18 rated Medium, with the highest CVSSv3 score of 8.8.
More info.
Comments