New Alerts for Crestron, Johnson Controls, Emerson, Bosch, B&R Automation, HPE Aruba (Exploit), Tenable, and Linux.
Crestron
Aan issue exists in the 3-Series Control Systems where crafting and sending a specific BACnet packet can crash the system.
More info. And here.
Johnson Controls IQ Wifi 6 contains a vulnerability that a remote attacker could use to gain account access by conducting a brute force authentication attack. CVSSv3 score of 8.3
More info. And here.
ROC800-Series RTU products contain an Authentication Bypass vulnerability that could allow a remote attacker to cause a DoS or gain unauthorized access to data or control of the device. CVSSv3 score of 9.4
More info.
Multiple vulnerabilities were found in the PRA-ES8P2S Ethernet-Switch. Highest CVSSv3 score of 9.8
The CVEs go back to 2007.
More info.
B&R Automation Runtime contains a vulnerability that a remote attacker could cause several services of the system node to become inaccessible. CVSSv3 score of 8.6
More info.
HPE Aruba Networking has released patches for Aruba access points running InstantOS and ArubaOS that address multiple security vulnerabilities. Highest CVSSv3 score of 9.8
More info. And here.
Security Center has been updated to correct vulnerabilities in OpenSSL. Highest CVSSv3 score of 7.5
More info. And here.
Ubuntu has updated the kernel. More info.