Cisco on Wednesday announced NX-OS software updates that resolve multiple vulnerabilities, including a high-severity DoS bug.
The post Cisco Patches Multiple NX-OS Software Vulnerabilities appeared first on SecurityWeek.
Beckhoff TwinCAT/BSD Vulnerabilities Expose PLCs to Tampering, DoS Attacks
Beckhoff Automation has patched several vulnerabilities in its TwinCAT/BSD operating system for industrial PCs.
The post Beckhoff TwinCAT/BSD Vulnerabilities Expose PLCs to Tampering, DoS Attacks appeared first on SecurityWeek.
Second Apache OFBiz Vulnerability Exploited in Attacks
CISA is warning organizations that a second Apache OFBiz flaw is being exploited in the wild shortly after the release of PoC exploits.
The post Second Apache OFBiz Vulnerability Exploited in Attacks appeared first on SecurityWeek.
SonicWall Patches Critical SonicOS Vulnerability
SonicWall has patched CVE-2024-40766, a critical SonicOS vulnerability that can lead to unauthorized access or a firewall crash.
The post SonicWall Patches Critical SonicOS Vulnerability appeared first on SecurityWeek.
China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches
Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level.
The post China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches appeared first on SecurityWeek.
Microsoft Copilot Studio Vulnerability Led to Information Disclosure
A vulnerability in Microsoft Copilot Studio exposed information on internal services shared among tenants, potentially impacting multiple customers.
The post Microsoft Copilot Studio Vulnerability Led to Information Disclosure appeared first on SecurityWeek.
Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover
A critical vulnerability in the GiveWP WordPress plugin could be exploited for remote code execution and arbitrary file deletion.
The post Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover appeared first on SecurityWeek.
Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities
Multiple vulnerabilities in Microsoft applications for macOS could be exploited to send emails, leak sensitive information, and escalate privileges.
The post Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities appeared first on SecurityWeek.
F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus
F5’s latest quarterly security notification includes nine advisories, including four for high-severity vulnerabilities in BIG-IP and NGINX Plus.
The post F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus appeared first on SecurityWeek.
SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability
SolarWinds has released a hotfix for a critical Java deserialization remote code execution vulnerability in Web Help Desk.
The post SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability appeared first on SecurityWeek.