https://vulnerability.circl.lu/bundles/feed.atomMost recent bundles.2024-10-06T07:28:07.801821+00:00Vulnerability Lookupinfo@circl.lupython-feedgenContains only the most 10 recent bundles.https://vulnerability.circl.lu/bundle/c854b418-a4e1-4135-958a-a523843c27f0Zyxel security advisory for multiple vulnerabilities in firewalls2024-10-06T07:28:07.807795+00:00Zyxel has released patches addressing multiple vulnerabilities in some firewall versions. Users are advised to install the patches for optimal protection.
| Firewall series | CVE-2024-6343 | CVE-2024-7203 | CVE-2024-42057 | CVE-2024-42058 | CVE-2024-42059 | CVE-2024-42060 | CVE-2024-42061 | Patch availability |
|-----------------------------------|-----------------------|-----------------------|------------------------|------------------------|------------------------|------------------------|------------------------|---------------------|
| ATP | ZLD V4.32 to V5.38 | ZLD V4.60 to V5.38 | ZLD V4.32 to V5.38 | ZLD V4.32 to V5.38 | ZLD V5.00 to V5.38 | ZLD V4.32 to V5.38 | ZLD V4.32 to V5.38 | ZLD V5.39 |
| USG FLEX | ZLD V4.50 to V5.38 | ZLD V4.60 to V5.38 | ZLD V4.50 to V5.38 | ZLD V4.50 to V5.38 | ZLD V5.00 to V5.38 | ZLD V4.50 to V5.38 | ZLD V4.50 to V5.38 | ZLD V5.39 |
| USG FLEX 50(W)/USG20(W)-VPN | ZLD V4.16 to V5.38 | Not affected | ZLD V4.16 to V5.38 | ZLD V4.20 to V5.38 | ZLD V5.00 to V5.38 | ZLD V4.16 to V5.38 | ZLD V4.16 to V5.38 | ZLD V5.39 |
2024-09-05T08:38:26.837494+00:00https://vulnerability.circl.lu/bundle/e49e5ff3-cc60-4b0f-b772-473ad67c3c8cCisco Smart Licensing Utility2024-10-06T07:28:07.807647+00:00Two critical vulnerabilities in Cisco's Smart Licensing Utility allow remote, unauthenticated attackers to gain privileges or access sensitive data.
Vulnerabilities:
* CVE-2024-20439 (CVSS: 9.8): An undocumented static admin account can be exploited to access affected systems.
* CVE-2024-20440 (CVSS: 7.5): An overly verbose debug log can be exploited via a crafted HTTP request, exposing API credentials.
⚠️ These issues are only exploitable if the licensing utility is actively running.
Cisco strongly advises updating systems to mitigate these threats.2024-09-05T15:32:24.185197+00:00