Skip to main content

CND News and Blog

Categories
Teams
Archives
Categories:   All Categories
Suggested keywords
x

New Vulnerabilities Wednesday 04 May

Vulnerabilities 1079 Hits 0 Comments

Monthly Patches are out for F5 and Fortinet. New Alerts for Yokogawa, Aruba, OpenSSL, Rockwell Automation, Hitachi Energy, Mozilla, Emerson, and Linux.

F5 

F5 Monthly Patches are out, with 43 Security Advisories, and another 10 Security Exposures. One advisory is rated Critical, 17 are rated High, 24 are rated Medium, and 1 Low. Highest CVSSv3 score of 9.8
More info.

Fortinet 

Fortinet Monthly Patches are out with 9 bulletins, 1 rated Critical, 2 are rated High, and 6 are rated Medium. Highest CVSSv3 score of 9
More info.

Yokogawa 

Yokogawa has updated a previous bulletin to include the ProSafe-RS product as vulnerable. Highest CVSSv3 score of 7.5
More info.

Aruba 

Multiple heap overflow vulnerabilities exist with various networking vendors, dubbed TLStorm 2.0. ArubaOS-Switch devices are affected by these vulnerabilities. Exploitation allows for attackers to execute arbitrary code on the affected device. CVSSv3 score of 9.0
More info.

HPE's bulletin here.

OpenSSL 

Several moderate vulnerabilities in OpenSSL have been patched in the latest updates.
More info.

Rockwell Automation 

Rockwell Automation Factory Talk Production Center products contain third-party software that has several vulnerabilities. If exploited, these vulnerabilities could allow RCE, information disclosure, and DoS on FTPC products.
More info.

Hitachi Energy 

Hitachi Energy Gatway Station and FACTS Control Platform products are affected by multiple open-source software vulnerabilities. An attacker could eavesdrop on the traffic between network source and destination, gain unauthorized access to information or cause a DoS. Highest CVSSv3 score of 8.1
More info. And here.

Mozilla 

Mozilla has published security updates for Firefox and Firefox ESR, rated High.
More info.

Emerson 

Emerson AVENTICS AF2 Series flow sensor with Ethernet communication interface has multiple, specific cybersecurity vulnerabilities. The vulnerabilities may allow attackers to disrupt the embedded web server of the device under very specific circumstances and could allow denial of view functions and possibly exposure of system resources. Highest CVSSv3 score of 5.8
More info.

Linux 

Oracle Linux has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts
Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

About the author

michele654

michele654

Subscribe to updates from author Unsubscribe to updates from author michele654
Author's recent posts
More posts from author
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 06 May 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/