#js

Red Hat Security Advisory 2023-7263-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7262-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7261-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7260-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7259-01 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7258-01 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7257-01 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7256-01 - An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-7255-01 - An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC PNI Vulnerabilities: Improper Input Validation, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution, a denial-of-service condition, or perform buffer overflows. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: SINEC PNI: Versions prior to V2.0 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 .NET and Visual Studio Information Disclosure Vulnerability. CVE-2022-30184 has been assigned to this vulnera...