Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome
September 20, 2019Rewterz Threat Alert – Emotet – Indicators of Compromise
September 20, 2019Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome
September 20, 2019Rewterz Threat Alert – Emotet – Indicators of Compromise
September 20, 2019Severity
Medium
Analysis Summary
CVE-2019-8998
The QNX procfs service provides access to various process information and assets, which could allow a less privileged process to gain access to a target address space.
CVE-2019-13528
A specific utility may allow an attacker to gain read access to privileged files.
Impact
- Information Exposure
- Improper Authorization
Affected Vendors
Tridium
Affected Products
- Niagara AX 3.8u4
- Niagara 4.4u3
- Niagara 4.7u1
Remediation
Tridium has released updates for the following products:
- Niagara AX 3.8u4:
- OS Dist: 2.7.402.2
- NRE Config Dist: 3.8.401.1
- Niagara 4.4u3:
- OS Dist: 4.4.73.38.1 NRE Config
- Dist: 4.4.94.14.1
- Niagara 4.7u1:
- OS Dist: (JACE 8000) 4.7.109.16.1
- OS Dist (Edge 10): 4.7.109.18.1
- NRE Config Dist: 4.7.110.32.1