Juniper Networks has released 19 security advisories to fix many vulnerabilities on Junos OS and other products. The updates also address a Critical SRX "double free" flaw and multiple SRC Bouncy Castle vulnerabilities.
F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.
Cisco has patched a High severity Cisco small business switch vulnerability (CVE-2020-3297) and 7 other Medium rated issues that affect multiple Cisco products.
Palo Alto Networks has issues a Critical security advisory for PAN-OS authentication bypass in SAML authentication vulnerability CVE-2020-2021.
Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.
Security experts warn malware variants of XORDDoS and Kaiji distributed denial-of-service (DDoS) botnets are targeting exposed Docker servers.
Cisco has released a Critical security advisory for three Treck IP Stack vulnerabilities, as well as seven other High severity advisories that affect multiple products.
A security researcher has developed new proof-of-concept (PoC) code that can exploit an SMBv3 compression remote code execution (RCE) vulnerability CVE-2020-0796 on unpatched Windows systems.
Cisco patched a Critical RCE vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX). The company also addressed a DoS vulnerability in MDS 9000 Series Switches.
The Internet Systems Consortium (ISC) has released two security updates that fix vulnerabilities on multiple versions of BIND. In addition, Microsoft also issued a new DNS security advisory and workaround. The flaws could allow a remote attacker to exploit and cause a denial of service condition.