Monthly Archive: July 2021

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All...

A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK Analyze MyPerformance (All versions), SINUMERIK Analyze MyPerformance /OEE-Monitor (All versions), SINUMERIK Analyze MyPerformance /OEE-Tuning (All versions), SINUMERIK Integrate Client 02 (All versions...

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP...

SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed. Date published : 2021-07-13 https://advisories.stormshield.eu https://advisories.stormshield.eu/2021-027/

SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies. Date published : 2021-07-13 https://advisories.stormshield.eu https://advisories.stormshield.eu/2021-026/

SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed. Date published : 2021-07-13 https://advisories.stormshield.eu https://advisories.stormshield.eu/2021-025/

SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed. Date published : 2021-07-13 https://advisories.stormshield.eu https://advisories.stormshield.eu/2021-024/

SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed. Date published : 2021-07-13 https://advisories.stormshield.eu https://advisories.stormshield.eu/2021-023/

SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies. Date published : 2021-07-13 https://advisories.stormshield.eu https://advisories.stormshield.eu/2021-022/

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM. Date published : 2021-07-13 https://documentation.solarwinds.com/en/success_center/dameware/content/release_notes/dameware_12-2_release_notes.htm https://support.solarwinds.com/SuccessCenter/s/

A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial...

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory...

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the...

VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level...