Cisco IOS XE Software for Wireless LAN Controllers Multicast DNS Denial of Service Vulnerability
A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of mDNS client entries. An attacker...
PT-2024-2513 · Cisco · Cisco IOS XE
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified). Description: The issue is related to insufficient access control in the command-line interface (CLI) of Cisco IOS XE Software for Cisco Wireless LAN Controllers (WLCs). This is due to improper...
Aruba Networks ArubaOS Security Vulnerability
Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from an authenticated denial of service vulnerability...
March 25, 2024—KB5037425 (OS Build 17763.5579) Out-of-band
March 25, 2024—KB5037425 OS Build 17763.5579 Out-of-band 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights This...
The vulnerability of the microprogramming software for UniLogic Studio programmable logic controllers of the UniStream series, related to deficiencies in authentication procedures, allows attackers to circumvent security restrictions.
The vulnerability of the microprogramming software for UniLogic Studio series UniStream is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an attacker to circumvent security restrictions remotely...
The vulnerability of the microprogramming software for UniLogic Studio series UniStream-controlled programmable logic controllers, related to the use of pre-installed credentials, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the microprogramming software for UniLogic Studio series UniStream controllers is related to the use of pre-installed credentials. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the microprogramming software for UniLogic Studio programmable logic controllers of the UniStream series arises from the use of an unreliable data source, allowing an intruder to execute arbitrary code.
The vulnerability of the microprogramming software for UniLogic Studio series UniStream is related to the use of an unreliable data source. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the microprogramming software for UniLogic Studio series UniStream’s programmable logic controllers arises from incorrect restrictions on the path name to the restricted-access directory. This allows attackers to execute arbitrary code.
The vulnerability of the microprogramming software for UniLogic Studio programmable logic controllers of the UniStream series is related to an incorrect limitation on the path name of the restricted access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary...
KB5037426: Update to address a known issue that affects LSASS in Windows Server 2012 R2
KB5037426: Update to address a known issue that affects LSASS in Windows Server 2012 R2 Summary This update addresses a known issue that affects the Local Security Authority Subsystem Service (LSASS). It might leak memory on domain controllers (DCs). This issue occurs after you install KB5035885 Marc...
March 22, 2024—KB5037423 (OS Build 14393.6799) Out-of-band
March 22, 2024—KB5037423 OS Build 14393.6799 Out-of-band 11/19/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1607, see its update history page. Highlights This...
March 22, 2024—KB5037422 (OS Build 20348.2342) Out-of-band
March 22, 2024—KB5037422 OS Build 20348.2342 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to fi...
Unitronics Unistream Unilogic Data Forgery Issue Vulnerability
Unitronics Unistream Unilogic is an integrated controller software platform from Unitronics for developing and programming the Unistream family of programmable logic controllers (PLCs). A security vulnerability exists in Unitronics Unistream Unilogic versions prior to 1.35.227, which stems from the...
Softing edgeConnector and Softing edgeAggregator Security Vulnerabilities
Softing edgeAggregator and Softing edgeConnector are both products of Softing. Softing edgeAggregator is a flexible and container-based solution for managing complex system architectures for OT/IT integration into edge and cloud applications. Softing edgeConnector is a Docker-based software...
WAGO Controller BACnet Security Vulnerability
WAGO Controller BACnet is a series of controllers from WAGO Germany. A security vulnerability exists in the WAGO Controller BACnet 750-831/xxx-xxx that stems from the presence of a buffer overflow vulnerability. An attacker can exploit the vulnerability by sending specially crafted packets to the...
The vulnerability of the MELSEC iQ-F series of programmable logic controllers, related to insufficient resource capacity, allows an intruder to trigger a malfunction in maintenance operations.
The vulnerability of the MELSEC iQ-F series of programmable logic controllers is related to insufficient resources. Exploiting this vulnerability can allow a remote attacker to cause malfunctions in the system’s operation...
PHOENIX CONTACT CHARX SEC Input Validation Error Vulnerability
PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. An input validation error vulnerability exists in PHOENIX CONTACT CHARX SEC-3000 versions prior to v1.5.1, which stems from incorrect input validation and allows an unauthenticated local attacker to...
The vulnerability of the microprogrammed software of iDRAC8 controllers, related to improper verification of consistency in input data, allows an intruder to gain control over the basic operating system.
The vulnerability of the microprogrammed software of iDRAC8 controllers is related to improper verification of consistency in input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain control over the basic operating system...
OMRON Machine automation controller NJ series Security breaches
Omron Machine automation controller NJ series is a series of machine controllers for logic sequences and motion from Omron Japan. A security vulnerability exists in Omron Machine automation controller NJ series. An attacker can exploit this vulnerability to access arbitrary files or execute...
VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB...
Aruba Networks ArubaOS Security Vulnerabilities
Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from an authenticated command injection vulnerability...