CVE-2022-21938: Product Security Advisories

Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.

Johnson Controls keeps your building management systems, IT infrastructures, and connected equipment secure with a firm commitment to technological innovation and continual product development.

This includes creating product security advisories as an essential part of our rapid response protocol for cybersecurity incidents. You can learn about problems we identified — as well as the actions we took to mitigate risk — right here.

2022 Product Security Advisories

| Title/Security Advisory ID | Affected Product | Overview | Mitigation | Initial Publication Date | Last updated |
|---|---|---|---|---|---|
| Metasys (JCI-PSA-2022-10) | Metasys | Vulnerabilities impacting Metasys ADS/ADX/OAS Servers | See link for general guidance | June 14, 2022 | June 14, 2022 |
| Spring4Shell (JCI-PSA-2022-14 v3) | General | General Guidance | See link for general guidance | April 19, 2022 | May 20, 2022 |
| Metasys (JCI-PSA-2022-09) | Metasys | Vulnerability impacting Metasys ADS/ADX/OAS Servers versions 10 and 11 | See link for general guidance | May 5, 2022 | May 5, 2022 |
| Metasys ADS/ADX/OAS (JCI-PSA-2022-08) | Metasys | Vulnerability impacting Metasys ADS/ADX/OAS Servers versions 10 and 11 | See link for general guidance | April 28, 2022 | April 28, 2022 |
| Log4Shell (JCI-PSA-2021-23 v24) | General | General guidance | See link for general guidance | December 14, 2021 | April 21, 2022 |
| Metasys System Configuration Tool (SCT) and System Configuration Tool Pro (SCT Pro) (JCI-PSA-2022-03) | Metasys | Vulnerability impacting Metasys System Configuration Tool (SCT) and System Configuration Tool Pro (SCT Pro) all versions prior to 14.2.2 | See link for general guidance | April 21, 2022 | April 21, 2022 |
| Metasys ADS/ADX/OAS Servers (JCI-PSA-2022-06) | Metasys | Vulnerability impacting Metasys ADS/ADX/OAS Servers versions 10 and 11 | See link for general guidance | April 14, 2022 | April 14, 2022 |
| Metasys ADS/ADX/OAS Servers (JCI-PSA-2022-02) | Metasys | Vulnerability impacting Metasys ADS/ADX/OAS versions 10 and 11 | See link for general guidance | March 17, 2022 | March 17, 2022 |
| DSC PowerManage (JCI-PSA-2022-01 v2) | DSC | Vulnerability impacting DSC PowerManage versions 4.0 to 4.8 | See link for general guidance | February 3, 2022 | March 7, 2022 |

2021 Product Security Advisories

| Title/Security Advisory ID | Affected Product | Overview | Mitigation | Initial Publication Date | Last updated |
|---|---|---|---|---|---|
| Log4Shell (JCI-PSA-2021-23 v9) | General | General guidance | See link for general guidance | December 14, 2021 | December 22, 2021 |
| American Dynamics VideoEdge (JCI-PSA-2021-21) | American Dynamics VideoEdge | Vulnerability impacting VideoEdge versions 5.4.1 to 5.7.1 | See link for mitigation options | December 22, 2021 | December 22, 2021 |
| exacqVision Enterprise Manager (JCI-PSA-2021-24) | exacqVision Enterprise Manager | Vulnerability impacting all versions of exacqVision Enterprise Manager up to and including version 21.12 | See link for mitigation options | December 20, 2021 | December 20, 2021 |
| Kantech Entrapass (JCI-PSA-2021-22) | Kantech Entrapass | Vulnerability impacting all versions of Entrapass prior to 8.40 | See link for mitigation options | December 2, 2021 | December 2, 2021 |
| CEM Systems AC2000 (JCI-PSA-2021-20) | CEM Systems AC2000 | Vulnerability impacting all versions of AC2000 prior to 10.6 | See link for mitigation options | November 30, 2021 | November 30, 2021 |
| American Dynamics VideoEdge (JCI-PSA-2021-17) | American Dynamics VideoEdge | Vulnerability impacting VideoEdge versions prior to 5.7.1 | See link for mitigation options | November 2, 2021 | November 2, 2021 |
| American Dynamics victor Video Management System (JCI-PSA-2021-19) | American Dynamics victor Video Management System | Vulnerability impacting victor Video Management System version 5.7 and prior | See link for mitigation options | October 28, 2021 | October 28, 2021 |
| exacqVision Server (JCI-PSA-2021-18) | exacqVision Server | Vulnerability impacting exacqVision Server 32-bit version 21.06.11.0 or older | See link for mitigation options | October 7, 2021 | October 7, 2021 |
| exacqVision Web Service (JCI-PSA-2021-16) | exacqVision Web Service | Vulnerability impacting exacqVision Web Service version 21.06.11.0 or older | See link for mitigation options | October 7, 2021 | October 7, 2021 |
| Kantech KT-1 Door Controller (JCI-PSA-2021-14) | Kantech KT-1 Door Controller | Vulnerability impacting all versions of Kantech KT-1 Controller including 3.01 | See link for mitigation options | September 10, 2021 | September 10, 2021 |
| Tyco Illustra (JCI-PSA-2021-13) | Tyco Illustra | Vulnerability impacting specific versions of Tyco Illustra | See link for mitigation options | August 31, 2021 | August 31, 2021 |
| CEM Systems AC2000 (JCI-PSA-2021-15) | CEM Systems AC2000 | Vulnerability impacting specific versions of CEM Systems AC2000 | See link for mitigation options | August 26, 2021 | August 26, 2021 |
| Kantech KT-1 Door Controller (JCI-PSA-2021-12) | Kantech KT-1 Door Controller | Vulnerability impacting all versions of Kantech KT-1 Door Controller including 2.09.02 and earlier | See link for mitigation options | August 19, 2021 | August 19, 2021 |
| Software House C•CURE 9000 (JCI-PSA-2021-10 v2) | Software House C•CURE 9000 | Vulnerability impacting all versions of Software House C•CURE 9000 prior to version 2.80 | See link for mitigation options | July 01, 2021 | August 12, 2021 |
| Facility Explorer (JCI-PSA-2021-11) | Facility Explorer | Vulnerability impacting Facility Explorer SNC Series Supervisory Controllers (F4-SNC) | See link for mitigation options | July 01, 2021 | July 01, 2021 |
| Software House C•CURE 9000 (JCI-PSA-2021-10) | Software House C•CURE 9000 | Vulnerability impacting all versions of Software House C•CURE 9000 prior to version 2.80 | See link for mitigation options | July 01, 2021 | July 01, 2021 |
| exacqVision Web Service (JCI-PSA-2021-09) | exacqVision Web Service | Vulnerability impacting all versions of exacqVision Web Service including 21.03 | See link for mitigation options | June 24, 2021 | June 24, 2021 |
| exacqVision Enterprise Manager (JCI-PSA-2021-08) | exacqVision Enterprise Manager | Vulnerability impacting all versions of exacqVision Enterprise Manager including 20.12 | See link for mitigation options | June 24, 2021 | June 24, 2021 |
| Metasys Servers, Engines, and SCT Tools Web Services (JCI-PSA-2021-05) | Metasys Servers, Engines, and SCT Tools Web Services | Vulnerability impacting web services for Metasys Servers, Engines, and SCT Tools | See link for mitigation options. | June 04, 2021 | June 04, 2021 |
| American Dynamics VideoEdge (JCI-PSA-2021-07) | American Dynamics VideoEdge | Vulnerability impacting all versions of VideoEdge prior to 5.7.0 | See link for mitigation options. | May 27, 2021 | May 27, 2021 |
| American Dynamics Tyco AI (JCI-PSA-2021-06) | American Dynamics Tyco AI | Vulnerability impacting all versions of Tyco AI up to and including v1.2 | See link for mitigation options. | May 13, 2021 | May 13, 2021 |
| exacqVision Network Video Recorder (JCI-PSA-2021-04) | exacqVision Network Video Recorder | Vulnerability impacting specific versions of the exacqVision Network Video Recorder | See link for mitigation options. | April 29, 2021 | April 29, 2021 |
| exacqVision Web Service (JCI-PSA-2021-03) | exacqVision Web Service | Vulnerability impacting all versions of exacqVision Web Service | See link for mitigation options. | March 18, 2021 | March 18, 2021 |
| Metasys Report Engine (MRE) Web Services (JCI-PSA-2021-02) | Metasys Report Engine (MRE) Web Services | Vulnerability impacting specific versions of Metasys Report Engine (MRE) Web Services | See link for mitigation options. | February 18, 2021 | February 18, 2021 |
| Sur-Gard (JCI-PSA-2021-01) | Sur-Gard System 5 receivers | Vulnerability impacting Sur-Gard System 5 receivers | See link for mitigation options. | January 26, 2021 | January 26, 2021 |
| AD victor Web Client and SWH C•CURE Web Client (JCI-PSA-2020-9 v2) | American Dynamics victor Web Client and Software House C•CURE Web Client | Vulnerability impacting specific versions of American Dynamics victor Web Client and Software House C•CURE Web Client | See link for mitigation options. | October 08, 2020 | January 05, 2021 |

2020 Product Security Advisories

| Title/Security Advisory ID | Affected Product | Overview | Mitigation | Initial Publication Date | Last updated |
|---|---|---|---|---|---|
| AD victor Web Client and SWH C•CURE Web Client (JCI-PSA-2020-10 v2) | American Dynamics victor Web Client and Software House C•CURE Web Client | Vulnerability impacting specific versions of American Dynamics victor Web Client and Software House C•CURE Web Client | See link for mitigation options. | November 19, 2020 | November 24, 2020 |
| victor Web Client (JCI-PSA-2020-09) | victor Web Client | Vulnerability impacting versions of victor Web Client | Upgrade all versions of victor Web Client to v5.6. | October 8, 2020 | October 8, 2020 |
| Sur-Gard (JCI-PSA-2020-08) | Sur-Gard System 5 receivers | Vulnerability impacting Sur-Gard System 5 receivers | See link for mitigation options. | August 20, 2020 | August 20, 2020 |
| exacqVision (JCI-PSA-2020-07 v2) | exacqVision Web Service and exacqVision Enterprise Manager | Vulnerability impacting exacqVision Web Service and exacqVision Enterprise Manager | All users should upgrade exacqVision Web Service to version 20.06.4 or higher and exacqVision Enterprise Manager to version 20.06.5 or higher. | June 18, 2020 | July 2, 2020 |
| C•CURE 9000/victor (JCI-PSA-2020-4 v4) | Software House C•CURE 9000 and American Dynamics victor Video Management System | Vulnerability impacting Software House C•CURE 9000 and American Dynamics victor Video Management System software installer. | See link for mitigation options. | May 21, 2020 | June 2, 2020 |
| Kantech EntraPass (JCI-PSA-2020-6 v1) | All versions of Kantech EntraPass editions up to and including v8.22 | Vulnerability impacting system permissions for all versions of Tyco Kantech EntraPass Security Management Software Editions. | All users should upgrade Kantech EntraPass Editions to version 8.23. | May 26, 2020 | May 26, 2020 |
| BCPro (JCI-PSA-2020-5 v1) | BCPro | Vulnerability impacting the BCPro and BCT software. | A patch has been developed to address this issue. | April 23, 2020 | April 23, 2020 |
| Metasys XXE (JCI-PSA-2020-3 v1) | Metasys Server | Vulnerability impacting the Metasys Server software products and some network engines. | A patch has been developed to address this issue. | March 10, 2020 | March 10, 2020 |
| SmartService API (JCI-PSA-2020-2 v1) | Kantech EntraPass | Vulnerability impacting the SmartService API Service option in some editions of Kantech EntraPass. | Upgrade impacted Kantech EntraPass Global and Corporate edition software to version 8.10. | March 10, 2020 | March 10, 2020 |
| ElasticSearch Kibana (JCI-PSA-2020-1 v1) | Metasys Server 10.0 using Kibana version 6.2.3 | Vulnerabilities impacting ElasticSearch/Kibana visualizer component. | Remove the Windows component called Kibana-6.2.3 from computers running Metasys Server (Release 10.0). | January 31, 2020 | January 31, 2020 |

2019 Product Security Advisories

Title/Security Advisory ID

Affected Product

Overview

Mitigation

Initial Publication Date

Last updated

Flexera FlexNet Publisher - JCI-PSA-2019-12 v1

Software House C•CURE v2.70 and earlier running FlexNet Publisher version 11.16.1.0 and earlier

Vulnerabilities impacting the Flexera FlexNet Publisher licensing manager

Install C•CURE 9000 v2.70 Service Pack 3 Critical Update 05 (Unified 3.70 SP3 CU05) or upgrade to C•CURE 9000 v2.80

December 3, 2019

December 3, 2019

PC Annunciator - JCI-PSA-2019-11 v1

TrueAlarm Fire Alarm System, 4190 PC Annunciator

Remote Desktop Services Remote Code Execution Vulnerability (a.k.a. “BlueKeep”)

Apply all applicable Microsoft security updates

November 21, 2019

November 21, 2019

Facility Explorer - JCI-PSA-2019-10 v1

Facility Explorer - FX 14.7.2, FX 14.4, FX 6.5

Vulnerabilities exist in the QNX operating system used in Facility Explorer

Apply available QNX patch or update

October 30, 2019

October 30, 2019

Metasys ICS-CERT Advisory ICSA-19-227-01

JCI-PSA-2019-06 v1
CVE-2019-7593
CVE-2019-7594

Metasys® ADS/ADX servers and NAE/NIE/NCE engines impacting versions prior to 9.0.

An attacker with access to the shared RSA key pair or a hardcoded RC2 key could potentially decrypt captured network traffic between the Metasys® ADS/ADX servers or NAE/NIE/NCE engines and the connecting Site Management Portal (SMP) user client

These issues were addressed in version 9.0 of these Metasys® components. We recommend upgrading all Metasys® ADS/ADX servers and NAE/NIE/NCE engines to at least version 9.0 to assure all enhancements in this latest release are active. Sites should also be configured with trusted certificates

August 15, 2019

August 15, 2019

Bluetooth “KNOB” attack or BR/EDR Key Negotiation Vulnerability

CVE-2019-9506 JCI-PSA-2019-08 v1

Find out more from the NIST National Vulnerability Database (NVD) and MITRE CVE® List.

Security advisories for affected products will be appended to this web page as they are made available.

The PSA ID for each product-specific advisory has a common root followed by “.x”, where x is the instance number (JCI-PSA-2019-08.x).

A researcher has identified a vulnerability that affects Bluetooth devices that employ Bluetooth BR/EDR Bluetooth Core specification versions 1.0 through 5.1.

Refer to respective Product Security Advisories (when released)

August 13, 2019

August 13, 2019

JCI-PSA-2019-03

Please visit the ICS-CERT advisory linked below for complete information and additional resources.

ICS-CERT-19-199-01

exacqVision Server 9.6 and 9.8 application running on Windows operating system (all supported versions of Windows).

On March 28, 2019, Tyco security solutions published a product security advisory for exacqVision Server Application

Please reference the linked Johnson Controls advisory below to find mitigation steps: Click Here

March 28, 2019

July 18, 2019

TrueInsight Module Vulnerability
JCI-PSA-2019-05

TrueInsight modules used to connect the Simplex® 4007ES, 4010ES, 4100ES, and 4100U Fire Alarm Control Panels

This vulnerability impacts all TrueInsight modules. If properly exploited, this vulnerability could result in unauthorized access to the fire system. Unfortunately, there is no patch available to fix the vulnerability

Please reference the linked Johnson Controls advisory below to find mitigation steps: Click Here

July 8, 2019

July 8, 2019

Microsoft® Remote Desktop Services Remote Code Execution Vulnerability (a.k.a. “BlueKeep”)

Microsoft® Remote Desktop Services Remote Code Execution Vulnerability (a.k.a. “BlueKeep”).

Vulnerable in-support systems include Windows 7 operating system, Windows Server® 2008 R2, and Windows Server 2008 systems.

Out-of-support but affected operating systems include Windows Server 2003 and Windows XP® operating systems

Microsoft discovered a vulnerability in its Remote Desktop service that is included in most versions of a wide variety of its operating systems. Although this vulnerability is not associated with any specific Johnson Controls application, it does impact the computer environments that can host those applications

Microsoft has released a product update that patches this security issue.

Please reference the linked advisory below to find mitigation steps: Click Here

May 22, 2019

May 22, 2019

ICS-CERT Advisory ICSA-19-163-01

Please visit the ICS-CERT advisory linked above for complete information and additional resources.

ExacqVision (ESM) v5.12.2 and all prior versions of ESM running on a Windows operating system.

This issue does not impact Linux deployments with permissions that are not inherited from the root directory

On February 15, 2019, Tyco security solutions published a product security advisory for ExacqVision Enterprise System Manager (ESM)

Please reference the linked Tyco advisory below to find mitigation steps: Click Here

February 15, 2019

March 28, 2019

2018 Product Security Advisories

Title/Security Advisory ID

Affected Product

Overview

Mitigation

Initial Publication Date

Last updated

CPP-PSA-20180-02 v1

Facility Explorer™ Path Traversal and Improper Authentication Vulnerabilities

ICS CERT Notice ICSA-19-022-01

CVE-2017-16744

CVE-2017-16748

Please visit the ICS CERT notice linked above for complete information and additional resources.

Facility Explorer 6.x (Niagara AX Framework™) systems, prior to 6.6

Facility Explorer 14.x (Niagara 4) systems, prior to 14.4u1

Facility Explorer Software Release 6.6 and 14.4u1 includes several fixes and important vulnerability mitigations for cybersecurity protection.

Customers should upgrade to the latest available product versions.

Johnson Controls recommends taking steps to minimize risks to all building automation systems.

The Department of Homeland Security’s ICS-CERT also provides a section for Control Systems Security Recommended Practices.

January 11, 2018

September 4, 2018

ICSA-14-350-02

Metasys® Building Automation System (BAS) Information Disclosure Vulnerability

ICS Cert Notice ICSA-18-212-02

CVE-2018-10624

Please visit the ICS CERT notice linked above for complete information and additional resources.

Metasys system versions 8.0 and prior. BCM (now BC Pro) all versions prior to 3.0.2

A previous version of the Metasys BAS could potentially reveal technical information when an authentication error occurs in the BAS server.

Customers should upgrade to the latest product versions. Contact your Johnson Controls Sales or Service representative for details.

Johnson Controls recommends taking steps to minimize risks to all BASs. Please reference our Metasys Security Page. The Department of Homeland Security’s ICS-CERT also provides a section for Control Systems Security Recommended Practices.

March 17, 2015

August 27, 2018

Pub # GPS-PSA-2018-02

“Meltdown” and “Spectre” Vulnerabilities CERT Vulnerability Note VU#584653

Johnson Controls Product Security Incident Response Team (PSIRT) is assessing potential impact to Johnson Controls products. Find Updates Here.

Researchers recently disclosed new security vulnerabilities that impact aspects of many modern processors and that could be exploited to allow an attacker to obtain access to sensitive data. These vulnerabilities allow for side-channel attacks to read data from memory. These vulnerabilities can affect personal computers, mobile devices, and the cloud.

Although there are currently no known workarounds, below are some suggested actions that customers can take in the short term to reduce their risks:

Check this site regularly for updated information.

As always, prior to deploying software patches or updates, test such patches or updates on non-production systems and follow all vendor instructions and warnings to ensure such patches or updates do not impair system functionality.

Although not specific to this vulnerability, always implement proper building system and corporate network segmentation and boundary security and access controls.

January 10, 2018

January 26, 2018

2017 Product Security Advisories

Title/Security Advisory ID

Affected Product

Overview

Mitigation

Initial Publication Date

Last updated

“KRACK” Wi-Fi Vulnerability Attacks: CERT Vulnerability Note VU#228519

Johnson Controls Product Security Incident Response Team (PSIRT) is assessing potential impact to Johnson Controls products. Update to follow.

A significant weakness in a commonly used Wi-Fi security protocol was announced recently which could put the confidentiality of data transferred through wireless at risk. The attack, dubbed “KRACK”, affects a newly discovered weakness in the WPA2 protocol, which is commonly used to secure Wi-Fi networks.

An attacker within range of a victim can potentially exploit these weaknesses to access some types of information transmitted between wireless clients and wireless network access points, thereby reducing the confidentiality and integrity of the data being transmitted.

October 16, 2017

November 16, 2017

US CERT Alert TA17-132A017-0143
“Indicators Associated with WannaCry Ransomware”

All Metasys® software releases running on affected OS’, All NxE55 series, all NxE85 series and LCS8520

IT systems worldwide have been affected by a prolific Ransomware attack which leverages a Microsoft SMB protocol vulnerability which may affect some Metasys system components.

Apply Microsoft patch for MS17-010 for host operating systems. Contact your JCI Field Representative for remediation details for specific Metasys products.

May 12, 2017

June 7, 2018

2015 Product Security Advisories

Title/Security Advisory ID

Affected Product

Overview

Mitigation

Initial Publication Date

Last updated

ICSA-14-350-02

Metasys® releases 4.1 to 6.5: ADS, ADX, LCS8520, NAE, NIE, NxE8500

Independent security researcher Billy Rios identified two vulnerabilities in Johnson Controls Metasys® building automation system.

Johnson Controls has produced patches for each affected release that mitigate these vulnerabilities. Contact your Johnson Controls representative for more information.

March 17, 2015

August 27, 2018

2014 Product Security Advisories

| Title/Security Advisory ID | Affected Product | Overview | Mitigation | Initial Publication Date | Last updated |
|---|---|---|---|---|---|
| CVE-2014-0160 "Heartbleed" | None | A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data. | No mitigation required | August 8, 2014 | August 25, 2015 |
| CVE-2014-6271 "Shellshock" | None | A flaw in the GNU Bourne-Again Shell (Bash) could allow an attacker to remotely execute shell commands. | No mitigation required | September 25, 2014 | August 25, 2015 |
| CVE-2014-3566 / US-CERT Alert TA-14290A | Metasys® Release 6.5, 7.0, 8.0: Application and Data Server (ADS), Extended Application and Data Server (ADX), ADS-Lite, Open Data Server (ODS), Metasys® Advanced Reporting System, Metasys® Export Utility, Ready Access Portal, and Metasys® User Interface (UI) Release 1.5, 1.5.1, and 2.0 | Commonly referred to as Padding Oracle on Downgraded Legacy Encryption (POODLE), this vulnerability may allow an attacker to decrypt cipher text using a padding oracle side channel attack. The attack leverages the ability for the communication to be downgraded to SSL V3, an older and less secure version of SSL which is vulnerable to attack. | This does not involve any patches or updates to our products, simply a reminder to address this at the Microsoft operating system level. Disable SSLv3 on the server and standalone computers hosting the affected Metasys software | October 17, 2014 | September 30, 2016 |

For everything from asking a question to raising an alarm, please use this form for a quick response from our Johnson Controls cybersecurity organization.

Report a potential vulnerability or cybersecurity concern | Ask about products and services | Learn about protecting your smart building
