Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. “These vulnerabilities pose significant risks, Read more…

Vulnerability in Industrial Wireless Systems

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems Nov 07, 2024Ravie LakshmananVulnerability / Wireless Technology Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked Read more…

NAS Devices

Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices

Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices Nov 05, 2024Ravie LakshmananVulnerability / Data Security Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION Read more…

Qualcomm urges OEMs to patch after ‘targeted’ exploitation • The Register

Qualcomm urges OEMs to patch after ‘targeted’ exploitation • The Register Qualcomm has issued 20 patches for its chipsets’ firmware, including one Digital Signal Processor (DSP) software flaw that has been exploited in the wild. That vulnerability, CVE-2024-43047, carries a CVSS 7.8-out-of-10 severity rating, and was notably reported by both Read more…

Ivanti Endpoint Manager

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch Oct 03, 2024Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based Read more…