article thumbnail

CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy

Tenable

Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access. This vulnerability, CVE-2022-40684, has been patched, but Fortinet has not released a full advisory yet via its Product Security Incident Response Team. . Background.

article thumbnail

Rockwell Automation: Disconnect OT Devices with Public-Facing Internet Access, Patch or Mitigate Logix, FactoryTalk CVEs

Tenable

An advisory from Rockwell Automation reiterates the importance of disconnecting operational technology devices with public-facing internet access and patching and mitigating systems vulnerable to several flaws. Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers CVE-2022-1159 Rockwell Automation Code Injection Vulnerability 7.7

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CVE-2023-46747: Critical Authentication Bypass Vulnerability in F5 BIG-IP

Tenable

A critical authentication bypass vulnerability in F5’s BIG-IP could allow remote, unauthenticated attackers to execute system commands. Analysis CVE-2023-46747 is a critical severity authentication bypass vulnerability in F5 BIG-IP that could allow an unauthenticated attacker to achieve remote code execution (RCE).

article thumbnail

CVE-2022-22972: VMware Patches Additional Workspace ONE Access Vulnerabilities (VMSA-2022-0014)

Tenable

On May 18, VMware published an advisory ( VMSA-2022-0014 ) to address two vulnerabilities across several VMware products: CVE. CVE-2022-22972. Authentication Bypass Vulnerability. CVE-2022-22973. CVE-2022-22973 is a local privilege escalation vulnerability in the VMware Workspace ONE Access and Identity Manager.

article thumbnail

Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)

Tenable

Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033). Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws. Microsoft patched 84 CVEs in its October 2022 Patch Tuesday release, with 13 rated as critical and 71 rated as important. 13 Critical. 0 Moderate.

Windows 99
article thumbnail

Microsoft’s June 2022 Patch Tuesday Addresses 55 CVEs (CVE-2022-30190)

Tenable

Microsoft addresses 55 CVEs in its June 2022 Patch Tuesday release, including three critical flaws. Microsoft patched 55 CVEs in its June 2022 Patch Tuesday release, with three rated as critical, 52 rated as important. CVE-2022-30136 | Windows Network File System Remote Code Execution Vulnerability. CVE-2022-30139.

Windows 97
article thumbnail

CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability

Tenable

CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Frequently Asked Questions (FAQ) about CVE-2022-37958. What is CVE-2022-37958?

Windows 98