CND News and Blog

New Vulnerabilities Monday 01 August
michele654
Vulnerabilities
Monthly Patches are out for MediaTek. New Alerts for Bosch, F5, NetApp, and Western Digital.        Tomorrow is Mobile Monthly Patch day, and Splunk Quarterly Patches. Bosch  Multiple vulnerabilities were identified in BF-OS used by Bigfish V3 and PR21 (Energy Platform) devices and Bigfish VM image, which are part of the da...
New Vulnerabilities Friday 29 July
michele654
Vulnerabilities
New Alerts for IBM, Hitachi, Citrix, Tenable, Mozilla, and Linux. IBM  A vulnerability in IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a DoS. CVSSv3 score of 9.1More info.AIX is affected by multiple vulnerabilities due to Python. Highest CVSSv3 score of 9.8More info. Hitachi  Hitachi has publ...
New Vulnerabilities Thursday 28 July
michele654
Vulnerabilities
New Alert for Dell. Dell  Dell PowerMax Embedded NAS contains remediation for multiple security vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical.More info.Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by remote attackers to c...
New Vulnerabilities Wednesday 27 July
michele654
Vulnerabilities
New Alerts for Honeywell, Mozilla, Mitel, IBM, Aruba, and Linux. Honeywell  Honeywell Safety Manager contains multiple vulnerabilities that could allow for configuration and firmware manipulation or remote code execution. Highest CVSSv3 score of 7.5More info. Mozilla  Mozilla has published security updates for Firefox and Firefox ESR, the...
Defeating Pesky Drones on Superyachts
Andy Cuff
Maritime Cyber
Drones have presented a problem to superyachts for some time, diminishing the guest experience and impacting the privacy of both guests and crew. The impact of this is debatable and some are more accepting of drone attention than others. Although for some VVIP owners and guests, privacy is precious and they do not want their time with family and fr...
New Vulnerabilities Tuesday 26 July
michele654
Vulnerabilities
New Alerts for IBM, Trellix, FileWave, and Citrix. IBM  Tivoli Netcool Manager has been updated to fix several security vulnerabilities in third-party software. Highest CVSSv3 score of 9.8More info.Tivoli Network Manager has been updated to fix several security vulnerabilities in third-party software. Highest CVSSv3 score of 9.8More info.Ratio...
New Vulnerabilities Monday 25 July
michele654
Vulnerabilities
New Alerts for SonicWall, Microsoft Edge, and NetApp. SonicWall  An Unauthenticated SQL Injection vulnerability impacts SonicWall GMS and Analytics On-Prem. CVSSv3 score of 9.4More info. Microsoft  Microsoft has updated Edge with the latest chromium security fixes.More info. NetApp  NetApp has published 7 new bulletins identifying vu...
New Vulnerabilities Friday 22 July
michele654
Vulnerabilities
New Alerts for ICONICS, Johnson Controls, Hitachi, Veritas, WithSecure, and Linux. ICONICS  ICONICS GENESIS64, Hyper Historian, AnalytiX, IoTWorX, MobileHMI, GraphWorX64, and GenBrokerX64 contain several vulnerabilities that could result in information disclosure, RCE, or DoS. Highest CVSSv3 score of 9.8More info. Johnson Controls  Johnso...
New Vulnerabilities Thursday 21 July
michele654
Vulnerabilities
New Alerts for Cisco, Atlassian, Apple, IBM, Dell, and Linux. Cisco  Cisco has published 7 new bulletins, 1 rated Critical, 1 rated High, 4 rated Medium, and 1 Informational.More info.Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image f...
New Vulnerabilities Wednesday 20 July
michele654
Vulnerabilities
New Alerts for Google Chrome, IBM, and Linux. Google  Google has published a security update for Chrome for Desktop with 11 security fixes, at least 5 rated High.More info.Microsoft is aware and updating Edge. More info. IBM  IBM QRadar Network Security is affected by multiple vulnerabilities in Expact library. Highest CVSSv3 score of 9.8...
New Vulnerabilities Tuesday 19 July - Part 2
michele654
Vulnerabilities
Oracle Quarterly Patches are out. New Alert for MiCODUS (0-Day).    Oracle  The Oracle Quarterly Patch set is out, with 349 fixed vulnerabilities across 138 products, 233 of which are remotely exploitable. 4 have a CVSSv3 score of 10, another 54 have CVSSv3 scores of 9.8More info. MiCODUS 0-Day MiCODUS MV720 GPS Tracker contains mult...
New Vulnerabilities Tuesday 19 July
michele654
Vulnerabilities
New Alerts for Mitsubishi Electric and Linux. Oracle Quarterly Patches are expected out this afternoon. Mitsubishi Electric  Multiple vulnerabilities exist in GENESIS64 and MC Works64. A remote attacker may cause information disclosure, DoS, or RCE. Highest CVSSv3 score of 9.8More info. Linux  Alpine Linux has published a new version with...
New Vulnerabilities Monday 18 July
michele654
Vulnerabilities
New Alerts for Festo, NetApp, and Linux. Festo  The Festo controller CECC product family is affected by multiple vulnerabilities in the CODESYS V3 runtime. A remote attacker may gain full access to the devices or make them unavailable. Highest CVSSv3 score of 9.8No fixes for current hardware are planned.More info. And here. NetApp  NetApp...
New Vulnerabilities Friday 15 July
michele654
Vulnerabilities
New Alerts for ABB, IBM, and Linux. ABB  A path traversal vulnerability exists in the implementation of the Totalflow TCP protocol in ABB G5 products. This vulnerability can allow a remote attacker to gain access to restricted directories and can lead to RCE as root. CVSSv3 score of 8.1More info. IBM  Json-schema is used by Tivoli Netcool...
New Vulnerabilities Thursday 14 July
michele654
Vulnerabilities
Quarterly Patches are out for Juniper. New Alerts for OPC Foundation, Veritas, and Linux. The Oracle CPU Pre-release notice should be out this afternoon. Juniper  Quarterly Patches are out, with 21 bulletins, 4 rated Critical, 8 High, and 9 Medium. Highest CVSSv3 score of 10More info.Multiple vulnerabilities have been resolved in the Junos Spa...
New Vulnerabilities Wednesday 13 July
michele654
Vulnerabilities
Monthly Patches are out for Microsoft and Adobe. New Alerts for Dahua, IBM, Dell, WithSecure, and Linux. This afternoon Palo Alto Networks Monthly Patches are expected. Microsoft  Monthly Patches are out, with 86 patched vulnerabilities, 4 rated Critical, 1 actively exploited. Highest CVSSv3 score of 8.8More info. And here. And here.An RPC run...

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Are You Ready To Find Out More?

Arrange a Chat With Our Friendly Service Delivery Team.