Monthly Patches for Microsoft and Adobe. New Alerts for Delta Industrial Automation, Kingspan, Brocade, and Linux.
Microsoft Exploit
Microsoft Monthly Patches are out, with 79 vulnerabilities, 5 are critical with CVSSv3 scores of 9.8, 2 were previously disclosed, and 1 privilege escalation vulnerability is already being exploited.
More info. And here. And here.
A TCP/IP RCE vulnerability could allow a remote attacker to send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable RCE. CVSSv3 score of 9.8
More info.
Monthly Patches are out for Adobe, with updates for Experience Manager, Bridge, InDesign, Photoshop, InCopy, Animate, and Illustrator. Highest CVSSv3 score of 7.8
More info.
Delta Industrial Automation DIAEnergie contains a Use of Hard-coded Credentials vulnerability that could allow a remote attacker to uploaded executables and achieve RCE. CVSSv3 score of 9.8
More info.
Kingspan TMS300 CS contains an Improper Authentication vulnerability that does not properly restrict access to endpoints, and could allow an attacker to view and modify application settings without authenticating. CVSSv3 score of 9.8
More info.
Brocade Fabric OS has several vulnerabilities. Highest CVSSv3 score of 9.8
More info.
SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated the kernel and others. More info.
Comments