New Alerts for Google Chrome, Aruba, Honeywell, PTC, GE Grid, Johnson Controls, HP, and Linux.
Google has updated Chrome for Desktop to include 24 security fixes, at least 1 rated Critical.
More info.
Microsoft is aware and working on Edge. More info.
Aruba AOS-CX switches contain multiple vulnerabilities. Highest CVSSv3 score of 8.3
More info. And here.
Honeywell ControlEdge has hard-coded root credentials when commissioned, which may allow a remote attacker full control. CVSSv3 score of 9.8
More info.
Honeywell Experion LX does not have authentication features for the EpicMo protocol. CVSSv3 score of 9.1
More info.
PTC Kepware KEPServerEX contains several buffer overflow vulnerabilities. Highest CVSSv3 score of 9.8
More info. And here.
The RT43x GPS/GNSS precision clock runs mini_httpd 1.19 which suffers from known vulnerabilities, including remote code execution. Highest CVSSv3 score of 9.8
More info.
Johnson Controls has confirmed a vulnerability impacting iSTAR Ultra. A remote attacker could craft an HTTP post request to run arbitrary commands as root user. CVSSv3 score of 10.
More info. And here.
Certain HP Print and Digital Send products may potentially be vulnerable to a Denial of Service (DOS) attack when elliptical curve certificates are used. CVSSv3 score of 5.3
More info.
Ubuntu has updated the kernel. More info.