Vulnerability Summary for the Week of February 22, 2021

Original release date: March 1, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info alleghenycreative -- openrepeater OpenRepeater (ORP) before 2.2 allows unauthenticated command…

Comments Off on Vulnerability Summary for the Week of February 22, 2021

NSA Releases Guidance on Zero Trust Security Model

Original release date: February 26, 2021The National Security Agency (NSA) has released Cybersecurity Information Sheet: Embracing a Zero Trust Security Model, which provides information about, and recommendations for, implementing Zero…

Comments Off on NSA Releases Guidance on Zero Trust Security Model

Cisco Releases Security Updates 

Original release date: February 25, 2021Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected…

Comments Off on Cisco Releases Security Updates 

VMware Releases Multiple Security Updates

Original release date: February 24, 2021VMware has released security updates to address multiple vulnerabilities—CVE-2021-21972, CVE-2021-21973, CVE-2021-21974—in ESXi, vCenter Server, and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities…

Comments Off on VMware Releases Multiple Security Updates

AA21-055A: Exploitation of Accellion File Transfer Appliance

Original release date: February 24, 2021SummaryThis joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United…

Comments Off on AA21-055A: Exploitation of Accellion File Transfer Appliance