14 matches found
Hitachi Energy Asset Suite
SUMMARY Hitachi Energy is aware multiple vulnerabilities that affects the Asset Suite product versions listed below. If these vulnerabilities are successfully exploited by an attacker, it could have an impact on the confidentiality, integrity, or availability of the product. Please refer to the...
Hitachi Energy XMC20
SUMMARY Hitachi Energy is aware of a vulnerability that affects the XMC20 versions listed below. Please refer to the “Recommended Immediate Actions” for information about the remediation. 2. GENERAL MITIGATION FACTORS/WORKAROUNDS Recommended security practices and firewall configurations can...
Hitachi Energy SDM600
SUMMARY Hitachi Energy is aware of multiple vulnerabilities that affect the SDM600 versions listed below. An attacker who managed to be authenticated to SDM600 and successfully exploit these vulnerabilities could elevate privileges and gain unauthorized access to the system. SDM600 version 1.3.4...
Hitachi Energy Relion 670, 650, SAM600-IO Series (Update A)
SUMMARY Hitachi Energy is aware of the vulnerability CVE-2022-4304 in the OSS component OpenSSL, that affects the Relion 670, 650, SAM600-IO versions that are listed below. An attacker successfully exploiting this vulnerability could send trial messages to the server and record the time taken to...
Symantec ICSP Unauthorized Access
SUMMARY Symantec has released an update to address an issue that was discovered in the Industrial Control System Protection ICSP product. AFFECTED PRODUCTS Industrial Control System Protection ICSP --- CVE | Affected Versions | Remediation CVE-2019-18380 | ICSP 6.x.x | Upgrade to ICSP 6.1.1.123...
SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks
SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...
SA157: OpenSSL Vulnerabilities 28-Aug-2017 and 2-Nov-2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can send a crafted X.509 certificate to cause unspecified impact. They can exploit, under certain circumstances, a computational flaw in the Montgomery...
SA141 : OpenSSL Vulnerabilities 26-Jan-2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain private key information. AFFECTED PRODUCTS The following products are vulnerable:...
SA136 : OpenSSH Vulnerabilities
SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to enumerate existing user accounts and cause denial of service through excessive CPU consumption...
SA135 : OpenSSL Vulnerabilities 10-Nov-2016
SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain SSL/TLS session key information. AFFECTED PRODUCTS The following products are vulnerable: Director -...
SA123 : OpenSSL Vulnerabilities 3-May-2016
SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to intercept and decrypt TLS sessions, obtain arbitrary data from the target's memory stack, or execute arbitrary code through buffer...
SA117 : OpenSSL Vulnerabilities 1-Mar-2016
SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to decrypt live and recorded SSL sessions, cause denial of service through application crashes, and possibly execute arbitrary code. A...
SA114 : GNU C Library (glibc) Remote Code Execution February 2016
SUMMARY Blue Coat products using an affected version of the GNU C Library glibc are susceptible to a remote execution attack. A remote attacker can send a crafted DNS response to the glibc DNS resolver and cause the resolver to crash or execute arbitrary code. AFFECTED PRODUCTS The following...
SA111 : OpenSSL Vulnerabilities 28-Jan-2016
SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, and 0.9.8 are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to obtain ephemeral Diffie-Hellman DHE private key information and perform man-in-the-middle attacks on SSL/TLS...