RCE vulnerabilities

Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks

by

October 12, 2023 at 07:39AM Chinese company Yifan’s industrial routers are vulnerable to critical security flaws, according to Cisco’s Talos. Yifan was given 90 days to release patches, but none have been issued. The flaws can allow attackers to execute arbitrary commands, change admin credentials, and access devices with admin privileges. All vulnerabilities can be … Read more

Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug

by

October 10, 2023 at 06:06PM Microsoft’s October Patch Tuesday update addressed two zero-day vulnerabilities that were actively being attacked, affecting Microsoft WordPad and Skype for Business. A critical-rated bug in Message Queuing was also patched. The update included a total of 103 CVEs, with 13 critical-rated vulnerabilities and 20% of the fixes related to Microsoft … Read more