Saturday, June 19, 2021

Review - Public ICS Disclosures – Week of 6-12-21

This week we have eight vendor disclosures from Digitek, EIP Stack Group, Genetec, QNAP (2), VMware, and Wibu (2). We also have two vendor updates from Dell and Mitsubishi. Finally, we have an exploit for products from Wibu.

Vendor Disclosures

Digitek Advisory - Incibe-CERT published an advisory describing an SQL injection vulnerability in the Digitek Secure 8 system.

EIP Stack Group Advisory - Incibe-CERT published an advisory describing an out-of-bounds read vulnerability in the EIP Stack Group OpENer product.

Genetec Advisory - Genetec published an advisory discussing vulnerabilities in Bosch IP cameras that may affect their Security Center, Security Center SaaS Edition, and Stratocast products.

QNAP Advisory - QNAP published an advisory describing an insecure storage of sensitive information vulnerability in their QNAP NAS products running myQNAPcloud Link.

QNAP Advisory - QNAP published an advisory describing an out-of-bounds read vulnerability in their QNAP NAS products running QTS and QuTS hero.

VMware Advisory - VMware published an advisory describing a denial-of-service vulnerability in their VMware Tools for Windows product.

Wibu Advisory - Wibu published an advisory describing a buffer over-read vulnerability in their CodeMeter Runtime Network Server.

Wibu Advisory - Wibu published an advisory describing a denial-of-service vulnerability in their CodeMeter Runtime CmWAN Server.

Vendor Updates

Dell Update - Dell published an update for their Dell Wyse Windows Embedded System that was originally published on May 11th, 2021.

Mitsubishi Update - Mitsubishi published an update for their MC Works advisory that was originally published on June 18th, 2020 and most recently updated on January 14th, 2021.

Exploits

Wibu Exploit - Brian Rodriquez published an exploit for an unquoted service path vulnerability in the Wibukey Runtime product.

 

For a more detailed look at these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-dda (subscription required).

