< ciso
brief />
Security Advisory and Patch Watch Banner

All news in category “Security Advisory and Patch Watch

2054 articles · page 13 of 103

Cisco fixes CVSS 10.0 flaw in Secure Workload

🔒 Cisco issued updates for a maximum-severity vulnerability (CVE-2026-20223) in Secure Workload that allows unauthenticated, remote access to REST API endpoints. The flaw permits crafted API requests to read sensitive data and change configurations across tenant boundaries with Site Admin privileges. Affected versions include Release 3.9 and earlier (migrate), 3.10 (fixed in 3.10.8.3), and 4.0 (fixed in 4.0.3.17). Cisco discovered the issue internally and reports no evidence of exploitation in the wild.
read more →

Critical Cisco Secure Workload vulnerability demands immediate patch

🔒 A critical vulnerability in the on-premises Cisco Secure Workload platform can let a remote, unauthenticated attacker gain site admin privileges by sending a crafted HTTP request to an internal REST API. Cisco assigned CVE-2026-20223 a CVSS score of 10.0 and says the issue stems from insufficient validation and authentication of REST API access. Only on-prem deployments must act immediately by upgrading to the patched versions; SaaS has already been fixed. Cisco reported no known exploitation in the wild at the time of disclosure.
read more →

Microsoft issues emergency fixes for Defender zero-days

🔒 Microsoft released emergency fixes addressing two zero-day vulnerabilities in the malware protection components of Microsoft Defender. The flaws let local attackers escalate to system-level privileges or disrupt the anti-malware service, both of which aid malware persistence and control. CISA added CVE-2026-41091 and CVE-2026-45498 to its KEV catalog after in-the-wild exploitation was detected, and administrators are urged to update the Malware Protection Engine and Antimalware Platform to the specified versions immediately.
read more →

Critical ChromaDB RCE Flaw Leaves Servers Exposed

🔒 Researchers disclosed a critical vulnerability in ChromaDB (CVE-2026-45829) that allows unauthenticated attackers to execute arbitrary code and access sensitive data on affected servers. The flaw is a race condition in the FastAPI-based API server that fetches and executes remote embedding model code before performing authentication checks. HiddenLayer says versions 1.0.0 through 1.5.8 are affected and many public instances remain vulnerable; they recommend using the Rust implementation and restricting network access until a patch is available.
read more →

Chromium leak exposes unfixed persistent JavaScript flaw

🛡️ Google inadvertently published details of an unfixed Chromium vulnerability that allows JavaScript to continue running after the browser is closed, enabling remote code execution via persistent Service Workers. Reported by researcher Lyra Rebane in December 2022, the issue affects all Chromium-based browsers and was marked fixed in February 2024 but a patch was not shipped. The bug tracker entry was briefly made public on May 20, revealing the exploit still works in Chrome Dev 150 and Edge 148, making attacks stealthier and increasing risk until an emergency fix is released.
read more →

Cisco fixes max-severity Secure Workload REST API flaw

🔒 Cisco released patches for a maximum-severity vulnerability in Secure Workload (formerly Tetration) that allowed unauthenticated attackers to gain Site Admin privileges by abusing internal REST APIs. The flaw, tracked as CVE-2026-20223, stems from insufficient validation and authentication of API endpoints and could let attackers read sensitive data and change configurations across tenant boundaries. Cisco provided fixed releases for on-premises deployments and has already remediated the issue in the SaaS offering; no workarounds exist.
read more →

ABB B&R UEFI PXE Vulnerabilities and Vendor Updates

🔒 ABB B&R reported multiple vulnerabilities in the UEFI PXE implementation of affected B&R PCs and controllers. EDK2 Network Package issues include out-of-bounds reads, buffer overflows, infinite loops, and weak PRNG usage that can lead to remote code execution, DoS, DNS poisoning, or data exposure. Vendor updates are available for many product versions and users are advised to apply patches or follow mitigations.
read more →

Hitachi Energy GMS600 OpenSSL timing flaw

🔒 Hitachi Energy reported that GMS600 versions are affected by CVE-2022-4304, a timing-based side-channel in OpenSSL RSA decryption that can allow recovery of pre-master secrets after many trial messages. The flaw impacts all RSA padding modes and can enable decryption of TLS application data. Vendor mitigation is to upgrade to version 1.3.2; CISA reiterates network isolation and defensive best practices.
read more →

ABB Terra AC Wallbox Buffer Overflow Advisory

🔒 ABB reports heap, stack and classic buffer overflow vulnerabilities in select Terra AC Wallbox firmware. An attacker who hijacks Bluetooth and crafts oversized fields could corrupt memory and potentially alter firmware behavior. ABB has released firmware version 1.8.36 (JP) to address the issues and recommends updating as soon as possible.
read more →

Nine‑Year Linux ptrace Flaw Exposes SSH Keys

🔒 A nine‑year logic flaw in the Linux kernel's ptrace path (CVE‑2026‑46333) lets unprivileged local users read sensitive files on default Debian, Fedora and Ubuntu installations. Qualys TRU found the bug in __ptrace_may_access(), exploitable when a privileged process drops credentials and remains briefly reachable; pidfd_getfd() expanded the attack surface. Upstream patches and distro updates are available; mitigations include raising kernel.yama.ptrace_scope to 2.
read more →

B&R Automation Runtime SDM Vulnerabilities Fix Released

🔒 An update resolves multiple vulnerabilities in B&R Automation Runtime SDM prior to 6.4 that could allow session takeover, reflected XSS, or CSV formula injection. The vendor corrected the issues in Automation Runtime 6.4 and notes SDM is disabled by default in AR 6. Customers should apply the update based on risk assessment and follow recommended network isolation and access-control practices.
read more →

ABB B&R Automation Studio: SQLite component vulnerabilities

🔒 ABB disclosed multiple vulnerabilities in affected versions of B&R Automation Studio stemming from an outdated third-party SQLite component. An update to Automation Studio 6.5 corrects these issues and the vendor urges customers to apply the update promptly. The advisory lists numerous memory safety and logic issues (heap overflows, integer overflows, use-after-free, NULL dereferences, improper input validation, and more) that could enable unauthorized access, data exposure, or remote code execution. Customers should follow the product manual to identify versions and install updates, and apply general security recommendations as mitigation.
read more →

Microsoft warns of two actively exploited Defender flaws

🔒 Microsoft disclosed two Microsoft Defender vulnerabilities under active exploitation: CVE-2026-41091, a local privilege escalation rated 7.8 that can allow an attacker to gain SYSTEM privileges via improper link resolution, and CVE-2026-45498, a denial-of-service issue rated 4.0. Both are addressed in Defender Antimalware Platform versions 1.1.26040.8 and 4.18.26040.7. Systems with Defender disabled are not affected; updates are applied automatically through malware definitions and the Microsoft Malware Protection Engine.
read more →

Microsoft Warns: Two Defender Zero-Days Patched Urgently

🛡️ Microsoft released emergency updates on Wednesday to address two actively exploited Microsoft Defender zero-day vulnerabilities. The first, CVE-2026-41091, affects the Microsoft Malware Protection Engine and can be abused to achieve SYSTEM privileges via improper link resolution before file access. The second, CVE-2026-45498, impacts the Defender Antimalware Platform and may be used to trigger denial-of-service; Microsoft says updates should deploy automatically but advises administrators to verify platform and signature versions and confirm successful installation.
read more →

Nine-Year Linux Kernel Flaw Lets Local Users Gain Root

🔒 Qualys disclosed a nine-year-old Linux kernel vulnerability tracked as CVE-2026-46333 (ssh-keysign-pwn) that stems from the __ptrace_may_access() code path. The flaw can allow an unprivileged local user to disclose sensitive files such as /etc/shadow and SSH host private keys and to execute arbitrary commands as root on default installs of Debian, Fedora, and Ubuntu. A public proof-of-concept appeared after a kernel commit; vendors have issued patches and recommend raising kernel.yama.ptrace_scope to 2 as a temporary mitigation.
read more →

Highly Critical PostgreSQL SQLi Fix Released for Drupal

🛡️ Drupal issued emergency updates addressing a "highly critical" SQL injection flaw tracked as CVE-2026-9082 in its database abstraction API that can be exploited against sites using PostgreSQL, allowing information disclosure and in some cases privilege escalation or remote code execution. The vendor released patched builds for supported 11.x and 10.x branches and published manual patches for EOL versions. Upstream Symfony and Twig fixes are also included in recent releases.
read more →

Microsoft Weighs Patch for YellowKey BitLocker Flaw

🔒 Microsoft is evaluating a patch for a newly disclosed zero-day, YellowKey, which can bypass BitLocker encryption and allow local attackers to read and modify files. The company issued an advisory for CVE-2026-45585 and provided immediate mitigation guidance while a fix is considered. Organizations are urged to limit physical access to vulnerable devices, audit their environments, and strengthen Secure Boot and firmware integrity controls.
read more →

Drupal issues emergency patch for critical SQL injection

🚨Drupal administrators must apply an emergency core update to address a “highly critical” SQL injection defect (CVE-2026-9082) that affects sites using PostgreSQL. The release also bundles upstream fixes for Symfony and Twig, so Drupal urges updates even for non-Postgres deployments. Supported branches 11.3, 11.2, 10.6 and 10.5 are patched, while end-of-life versions may receive unsupported best-effort patches. The flaw permits anonymous attackers to send crafted requests resulting in arbitrary SQL injection, information disclosure, and potential privilege escalation or remote code execution.
read more →

SonicWall VPN MFA Bypass: CVE-2024-12802 Exploits and Risks

🔒 ReliaQuest observed attackers brute-forcing credentials and bypassing MFA on SonicWall Gen6 SSL‑VPN appliances by exploiting CVE-2024-12802, allowing rapid internal access and attempts to deploy Cobalt Strike and a vulnerable driver. SonicWall warns that installing the firmware update alone on Gen6 devices does not fully mitigate the flaw; administrators must manually reconfigure LDAP settings to restore MFA enforcement. Gen7/Gen8 devices are fully remediated by firmware updates.
read more →

Critical Drupal Core Security Update Scheduled Today

🛡️ Drupal has issued a core security release scheduled for May 20 between 17:00 and 21:00 UTC, warning that exploits could appear within hours of disclosure. Administrators are urged to reserve time for the update and to upgrade sites running Drupal 8 or 9 to at least 10.6. Patches will be released for several 10.x and 11.x branches, and although some older branches are EOL, hotfixes will be provided for affected 9.5 and 8.9 releases. Sites using Drupal Steward have mitigations but should still apply updates promptly.
read more →