Lucene search
K

164 matches found

ThreatPost
ThreatPost
added 2018/04/30 8:43 p.m.54 views

KRACK Vulnerability Puts Medical Devices At Risk

A slew of devices from medical technology company Becton, Dickinson and Company BD are vulnerable to the infamous KRACK key-reinstallation attack, potentially enabling hackers to change and exfiltrate patient records. The KRACK vulnerability, discovered last October, is an industry-wide glitch in...

0.2AI score
Exploits0References8
ICS
ICS
added 2018/04/24 12:0 a.m.85 views

BD Pyxis

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Public exploits are available. Vendor : Becton, Dickinson and Company BD Equipment : Certain BD Pyxis Products Vulnerability : Reusing a Nonce 2. RISK EVALUATION Successful exploitation of this vulnerability could allow data traffic manipulation,...

8.1CVSS7.9AI score0.04575EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/04/13 12:0 a.m.143 views

pfSense < 2.3.5 Multiple Vulnerabilities (KRACK)

According to its self-reported version number, the remote pfSense install is affected by multiple vulnerabilities as stated in the referenced vendor advisories. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid109037; scriptversion"1.13";...

9.8CVSS7AI score0.93307EPSS
Exploits33References23
Mageia
Mageia
added 2018/03/30 2:21 p.m.61 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.30 and fixes at least the following security issues: The KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86 has been updated to revision 4. A flaw was found in the Linux kernel implementation of 32 bit syscall interface for bridging allowing a...

7.2CVSS6.9AI score0.84172EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.39 views

Debian: Security Advisory (DLA-1150-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.7AI score0.04575EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.49 views

Fedora 27 : hostapd (2017-fc21e3856b) (KRACK)

Latest hostapd release with KRACK patches applied. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

6.8CVSS7AI score0.02388EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.47 views

Fedora 27 : 1:wpa_supplicant (2017-f45e844a85) (KRACK)

Fix the for the Key Reinstallation Attacks ========================================== - hostapd: Avoid key reinstallation in FT handshake CVE-2017-13082 - Fix PTK rekeying to generate a new ANonce - Prevent reinstallation of an already in-use group key and extend protection of GTK/IGTK...

8.1CVSS7.2AI score0.04575EPSS
Exploits1References10
Hewlett-Packard
Hewlett-Packard
added 2018/01/12 12:0 a.m.104 views

HPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products

Potential Security Impact Remote disclosure of information. Source:Mathy Vanhoef of imec-DistriNet, KU Leuven VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP Printers and MFPs, and HP JetDirect Networking accessories using WPA or WPA2. This vulnerabili...

6.8CVSS1AI score0.02388EPSS
Exploits0
Hewlett-Packard
Hewlett-Packard
added 2018/01/09 12:0 a.m.78 views

HP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities

Potential Security Impact KRACK Attacks VULNERABILITY SUMMARY On October 16, security researchers publicly announced vulnerabilities in the WiFi WPA2 standard. See the References section below for links to additional resources describing the KRACK Attacks WPA2 potential vulnerabilities in detail...

6.8CVSS0.4AI score0.02388EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/01/08 12:0 a.m.235 views

Juniper ScreenOS 6.3 SSG-5 and SSG-20 (KRACK)

The version of Juniper ScreenOS installed on the remote host is affected by multiple vulnerabilities related to the KRACK attacks. This may allow an attacker to decrypt, replay, and forge some frames on a WPA2 encrypted network. Note that Juniper's products do not support Fast BSS Transition...

8.1CVSS7.3AI score0.04575EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2018/01/08 12:0 a.m.88 views

Junos OS 12.1X46 SRX 210, 240, 650 series firewalls (KRACK)

The version of Juniper Junos OS installed on the remote host is affected by multiple vulnerabilities related to the KRACK attacks. This may allow an attacker to decrypt, replay, and forge some frames on a WPA2 encrypted network. Note that Juniper's products do not support Fast BSS Transition...

8.1CVSS7.3AI score0.04575EPSS
Exploits1References6
Nvidia
Nvidia
added 2017/12/20 12:0 a.m.88 views

Security Bulletin: NVIDIA Linux for Tegra (L4T) “KRACK” vulnerabilities

Vulnerability Details The following section summarizes the vulnerabilities. Descriptions use CWE™ and risk assessments follow CVSS. CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088 L4T ships with a...

5.8CVSS0.8AI score0.04575EPSS
Exploits1Affected Software3
ICS
ICS
added 2017/12/19 12:0 a.m.93 views

PEPPERL+FUCHS/ecom instruments WLAN Capable Devices using the WPA2 Protocol

CVSS v3 8.1 ATTENTION: Low skill level is needed to exploit. Public exploits are available. Vendor: PEPPERL+FUCHS/ecom instruments Equipment: WLAN capable devices using the WPA2 Protocol Vulnerabilities: Reusing a Nonce AFFECTED PRODUCTS PEPPERL+FUCHS/ecom instruments reports that these...

8.1CVSS8.1AI score0.04575EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/12/14 12:0 a.m.38 views

openSUSE Security Update : kernel-firmware (openSUSE-2017-1317) (KRACK)

This update for kernel-firmware fixes the following issues : - Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters. Security issues fixed are part of the 'KRACK' attacks affecting the firmware : - CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay...

5.3CVSS7.1AI score0.02285EPSS
Exploits0References3
Apple
Apple
added 2017/12/12 9:19 a.m.54 views

About the security content of AirPort Base Station Firmware Update 7.7.9 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

9.8CVSS0.6AI score0.47537EPSS
Exploits1Affected Software1
Apple
Apple
added 2017/12/12 12:0 a.m.45 views

About the security content of AirPort Base Station Firmware Update 7.6.9

About the security content of AirPort Base Station Firmware Update 7.6.9 This document describes the security content of AirPort Base Station Firmware Update 7.6.9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an...

6.8CVSS7.5AI score0.02388EPSS
Exploits0References1Affected Software1
Apple
Apple
added 2017/12/12 12:0 a.m.47 views

About the security content of AirPort Base Station Firmware Update 7.7.9

About the security content of AirPort Base Station Firmware Update 7.7.9 This document describes the security content of AirPort Base Station Firmware Update 7.7.9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an...

9.8CVSS0.1AI score0.47537EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.275 views

SUSE SLES11 Security Update : kernel (SUSE-SU-2017:3265-1) (KRACK)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-16649: The usbnetgenericcdcbind function in drivers/net/usb/cdcether.c in the Linux kernel allowed local users to cause a denial of service...

10CVSS7.6AI score0.20797EPSS
Exploits26References115
OpenVAS
OpenVAS
added 2017/12/04 12:0 a.m.47 views

openSUSE: Security Advisory for kernel-firmware (openSUSE-SU-2017:3144-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS7.7AI score0.02285EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.36 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3158-1) (KRACK)

This update for the Linux Kernel 3.12.74-606460 fixes several issues. The following security issues were fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures,...

7.8CVSS7.1AI score0.02285EPSS
Exploits4References10
Rows per page
Query Builder