
Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of September 19 - 25. Sign up to get these updates right to your inbox!

SEPTEMBER 23, 2021

IBM

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI are vulnerable to stored cross-site scripting, which would allow users to embed arbitrary JavaScript code in the Web UI, leading to a disclosure of credentials.

Sources: nvd.nist.gov

Cisco

Cisco released security updates for multiple Cisco products with vulnerabilities that could lead to an attacker taking control of an affected system.

Sources: tools.cisco.com

SEPTEMBER 22, 2021

CISA, FBI and NSA

CISA, the FBI and the NSA released a joint cybersecurity advisory (CSA) reporting an increase in Conti ransomware attacks. The advisory gives recommended mitigations such as updating operating systems and software, using multi-factor authentication and implementing network segmentation.

Sources: us-cert.cisa.gov

SEPTEMBER 21, 2021

VMware

VMware released security updates for vCenter and Cloud Foundation to address vulnerabilities that could allow an attacker to take control of an affected system.

Sources: vmware.com

NETGEAR

NETGEAR routers had a remote code execution vulnerability, CVE-2021-40847, that would allow a remote attacker to take control of an affected system. NETGEAR has released security updates.

Sources: kb.netgear.com

SEPTEMBER 20, 2021

Linux kernel

arch/mips/net/bpf_jit.c in the Linux kernel through 5.14.6 can produce bad machine code when transforming unprivileged cBPF programs, which would allow an attacker to execute arbitrary code.

Sources: nvd.nist.gov

MaianAffiliate

MaianAffiliate v.1.0 is vulnerable to code injection when a new product is added through the admin panel; the injected payload is then shown on the affiliate main page.

Sources: nvd.nist.gov
