SUBSCRIBE

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of January 9 - 15. Sign up to get these updates right to your inbox!

January 14, 2022

Ivanti

Ivanti updated its Log4J advisory with the security updates that have been made for multiple products.

Sources:

Ivanti,

CISA
January 13, 2022

Juniper

Juniper Networks released security updates for multiple products that had vulnerabilities that could allow an attacker to take control of affected systems.

Sources:

Juniper Networks,

CISA

Citrix

Citrix released security updates for Hypervisor to address vulnerabilities that could allow an attacker to take control of affected systems.

Sources:

Citrix,

CISA

Apple

Apple released security updates due to a vulnerability that could cause a denial-in-service in versions of IOS.

Sources:

Apple,

CISA

Cisco

Cisco released security updates for Cisco Unified Contact Center Management Portal and Cisco Unified Contact Center Domain Manager due to a vulnerability that could allow an attacker to take control of affected systems.

Sources:

Cisco,

CISA
January 11, 2022

Adobe

Adobe released security updates for five Adobe products due to vulnerabilities that could lead to an attacker gaining control of affected systems.

Sources:

CISA,

Acrobat,

Illustrator,

Bridge,

InCopy,

InDesign

Citrix

Citrix released a security update for the Workspace App for Linux due to a vulnerability that could lead to an attacker gaining control of affected systems.

Sources:

Citrix,

CISA

SAP

SAP released security updates for multiple products, addressing vulnerabilities that could allow an attacker to gain control of affected systems.

Sources:

SAP,

CISA

Microsoft

Microsoft released security updates due to vulnerabilities found that could allow an attacker to gain control of affected systems.

Sources:

Microsoft,

Microsoft security update guide,

CISA

Mozilla

Mozilla released security updates for Firefox, Firefox ESR and Thunderbird due to vulnerabilities found that could lead to an attacker gaining control of affected systems.

Sources:

Mozilla Firefox 96,

Mozilla Firefox ESR,

Mozilla Thunderbird,

CISA

Samba

Samba released a security update due to a vulnerability that affects multiple versions of Samba, which could result in an attacker gaining control of affected systems.

Sources:

Samba,

CISA

U.S. Critical Infrastructure

CISA, the FBI and the NSA released a joint Cybersecurity Advisory to help preventive measures against Russian state-sponsored cyber threats.

Sources:

CISA Alert,

CISA