Monthly Patches are out for Microsoft. New Alerts for Intel, Citrix, VMware, Google Chrome, Veeam, Brocade, and Linux.        

Adobe had no Monthly Patches this cycle.    

Palo Alto Network Monthly Patches should be out this afternoon.


Microsoft Exploit

Monthly Patches are out, with 68 vulnerabilities, 10 rated Critical, 1 previously disclosed, and 4 are being exploited in the wild. Highest CVSSv3 score of 8.8
More info. And here. And here.

Intel 

Intel has published 24 new bulletins, highest CVSSv3 score of 8.7
More info.

Improper authentication in the Intel(R) SDP Tool may allow a remote attacker to potentially enable information disclosure. CVSSv3 score of 4.3
More info.

Improper buffer restrictions in the Hyperscan library may allow a remote attacker to potentially enable escalation of privilege. CVSSv3 score of 4.3
More info.

Potential security vulnerabilities in some Intel Chipset Firmware in Intel CSME, Intel AMT and Intel SPS may allow escalation of privilege or DoS. Highest CVSSv3 score of 8.7
More info.

Citrix 

Vulnerabilities have been discovered in Citrix Gateway and Citrix ADC that could allow authenticaion bypass, remote desktop takeover, and brute force of logins. Highest CVSSv3 score of 9.8
More info.

VMware 

Multiple vulnerabilities in VMware Workspace ONE Assist could allow authentication bypass. Highest CVSSv3 score of 9.8
More info.

Google 

Google has updated Chrome for Desktop to fix 10 security vulnerabilities.
More info.

Microsoft is aware and working on Edge. More info.

Veeam 

A vulnerability was discovered within the Backup Appliance component of Veeam Backup for Google Cloud that allows users to bypass authentication mechanisms. CVSSv3 score of 10.
More info.

Brocade 

A vulnerability in Brocade Fabric OS software could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address. CVSSv3 score of 9.4
More info.

Linux 

Red Hat has updated the firmware and kpatch. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.