Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of January 30 - February 5. Sign up to get these updates right to your inbox!

FEBRUARY 04, 2022

CISA

CISA added a new vulnerability, CVE-2022-21882, to its Known Exploited Vulnerabilities Catalog. It is a privilege escalation vulnerability in Microsoft Win32k.

Sources: CISA Known Exploited Vulnerabilities Catalog, CISA

FEBRUARY 03, 2022

Cisco

Cisco released security updates for RV series routers due to vulnerabilities found that could allow an attacker to gain control of affected systems.

Sources: Cisco Security, CISA

Airspan Networks Mimosa

CISA released an ICS advisory that explains vulnerabilities in Airspan Networks Mimosa products.

Sources: CISA ICSA, CISA

FEBRUARY 02, 2022

Fortinet

Versions of FortiAuthenticator HA service contain an improper access control vulnerability.

Sources: Fortinet, NIST

IBM

Versions of IBM Security Verify Access could allow an attacker to authenticate as any user on the system.

Sources: IBM Security, IBM Support, NIST

Google

Google released security updates for Chrome that address vulnerabilities an attacker could use to gain control of affected systems.

Sources: Google Chrome, CISA

FEBRUARY 01, 2022

Ivanti

Ivanti Service Manager is vulnerable to XSS through the appName parameter.

Sources: Ivanti, NIST

Samba

Versions of Samba contain vulnerabilities that could allow an attacker to gain control of affected systems.

Sources: Carnegie Mellon University, CISA

JANUARY 31, 2022

Huawei

Multiple Huawei products are vulnerable to information exposure due to software not properly protecting certain information.

Sources: Huawei, NIST

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES