Juniper patches Junos OS, SRX, SRC Bouncy Castle and many other vulnerabilities

Juniper Networks has released 19 security advisories to fix many vulnerabilities on Junos OS and other products. The updates also address a Critical SRX "double free" flaw and multiple SRC Bouncy Castle vulnerabilities.

Continue Reading Juniper patches Junos OS, SRX, SRC Bouncy Castle and many other vulnerabilities

F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility

F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.

Continue Reading F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility

Cisco patches small business switch high risk vulnerability (CVE-2020-3297) and 7 other security issues

Cisco has patched a High severity Cisco small business switch vulnerability (CVE-2020-3297) and 7 other Medium rated issues that affect multiple Cisco products.

Continue Reading Cisco patches small business switch high risk vulnerability (CVE-2020-3297) and 7 other security issues

Netgear fixes high risk vulnerability in multiple routers and network devices

Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.

Continue Reading Netgear fixes high risk vulnerability in multiple routers and network devices

Cisco patches Critical RCE vulnerability in Unified CCX software

Cisco patched a Critical RCE vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX). The company also addressed a DoS vulnerability in MDS 9000 Series Switches.

Continue Reading Cisco patches Critical RCE vulnerability in Unified CCX software

BIND and Microsoft DNS security updates

The Internet Systems Consortium (ISC) has released two security updates that fix vulnerabilities on multiple versions of BIND. In addition, Microsoft also issued a new DNS security advisory and workaround. The flaws could allow a remote attacker to exploit and cause a denial of service condition.

Continue Reading BIND and Microsoft DNS security updates