F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility

F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.

Continue Reading F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility

Netgear fixes high risk vulnerability in multiple routers and network devices

Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.

Continue Reading Netgear fixes high risk vulnerability in multiple routers and network devices

Microsoft issues advisory for two zero-day RCE vulnerabilities exploited in the wild (updated)

Microsoft has issued a new security advisory for two remote code execution (RCE) vulnerabilities in Adobe Type Manager (ATM) Library exploited in the wild. Microsoft also published several workarounds to reduce risk until a patch is rolled out.

Continue Reading Microsoft issues advisory for two zero-day RCE vulnerabilities exploited in the wild (updated)