Vulnerabilities

Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability

Posted on August 20, 2021August 20, 2021 by CSIRT

Medium Advisory ID: cisco-sa-sni-data-exfil-mFgzXqLN First Published: 2021 August 18 16:00 GMT Version 1.0: Interim Workarounds: No workarounds available Cisco Bug IDs: CSCvy50873CSCvy64824CSCvy76771 CVSS Score: Base 5.8 CVE-2021-34749 CWE-200 Download CVRF Email Summary A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort […]

Continue reading →

Vulnerabilities

ModiPwn flaw in Modicon PLCs bypasses security mechanisms

Posted on July 15, 2021July 15, 2021 by CSIRT

ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over the device. Researchers at IoT security firm Armis discovered an authentication bypass vulnerability, tracked as CVE-2021-22779 and dubbed ModiPwn, that affects some of Schneider Electric ’s Modicon PLCs. The flaw can be exploited by an unauthenticated attacker […]

Continue reading →

Vulnerabilities

Adobe: Critical Flaws in Reader, Acrobat, Illustrator

Posted on July 15, 2021July 15, 2021 by CSIRT

Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. The Mountain View, Calif.-based Adobe urged Windows and macOS users to treat the PDF Reader patch with the utmost priority, because the flaws expose machines to remote code execution […]

Continue reading →

Vulnerabilities

Windows Print Spooler Remote Code Execution Vulnerability

Posted on July 7, 2021July 7, 2021 by CSIRT

CVE-2021-34527Security Vulnerability Released: 1 Ιουλ 2021 Last updated: 6 Ιουλ 2021Assigning CNA: Microsoft MITRE CVE-2021-34527CVSS:3.0 8.8 / 8.2 Attack VectorNetworkAttack ComplexityLowPrivileges RequiredLowUser InteractionNoneScopeUnchangedConfidentialityHighIntegrityHighAvailabilityHighExploit Code MaturityFunctionalRemediation LevelTemporary FixReport ConfidenceConfirmed Executive Summary A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could […]

Continue reading →

Vulnerabilities

Cross-site scripting in Trend Micro InterScan Web Security Virtual Appliance

Posted on June 17, 2021June 17, 2021 by CSIRT

Published: 2021-06-15 Risk Medium Patch available YES Number of vulnerabilities 1 CVE ID CVE-2021-31521 CWE ID CWE-79 Exploitation vector Network Public exploit N/A Vulnerable software InterScan Web Security Virtual ApplianceServer applications / Server solutions for antivurus protection Vendor Security Advisory This security advisory describes one medium risk vulnerability. 1) Cross-site scripting Risk: Medium CVSSv3.1: 5.3 […]

Continue reading →