BD Pyxis

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Public exploits are available. Vendor : Becton, Dickinson and Company BD Equipment : Certain BD Pyxis Products Vulnerability : Reusing a Nonce 2. RISK EVALUATION Successful exploitation of this vulnerability could allow data traffic manipulation,...

About the security content of AirPort Base Station Firmware Update 7.7.9

About the security content of AirPort Base Station Firmware Update 7.7.9 This document describes the security content of AirPort Base Station Firmware Update 7.7.9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an...

November Patch Tuesday: 53 Vulnerabilities and a Massive Adobe Update

This November Patch Tuesday is moderate in volume and severity. Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion's share is focused on Browsers, Microsoft Office, and Adobe. According to...

Google Patches KRACK Vulnerability in Android

Google this week finally addressed the KRACK vulnerability in Android, three weeks after the WPA2 protocol flaw was publicly disclosed. The KRACK patches are the most high-profile fixes in the November Android Security Bulletin, which includes three patches levels; the KRACK patches are in the No...

Apple Patches KRACK Vulnerability in iOS 11.1

Apple has patched iOS, macOS and other products to protect against the KRACK vulnerability recently disclosed in the WPA2 Wi-Fi security protocol. KRACK, short for key re-installation attack, allows an attacker within range of a victim’s Wi-Fi network to read encrypted traffic with varying degree...

A week in security (October 16 – October 22)

Last week was an eventful one in security, keeping our research and intel teams on their toes. Multiple security researchers homed in on suspicious and malicious apps on Google Play, affecting thousands of Android users. A new variant of Mac malware Proton was also found in the wild, this time...

RHEL 6 : wpa_supplicant (RHSA-2017:2911)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2017:2911 advisory. The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication...

Important: Red Hat Security Advisory: wpa_supplicant security update

An update for wpasupplicant is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 7 : wpa_supplicant (RHSA-2017:2907)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2017:2907 advisory. The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication...

Important: Red Hat Security Advisory: wpa_supplicant security update

An update for wpasupplicant is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

KRACK Vulnerability in WiFi WPA2

Akamai is aware of a family of vulnerabilities known as the Key Reinstallation Attack or KRACK. These vulnerabilities abuse implementation flaws found in all modern wireless networks using WPA2. The KRACK attack is effective at the protocol level and therefore affects all systems using current Wi...