AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Original release date: July 13, 2020SummaryOn July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server (AS) Java component…

Comments Off on AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Vulnerability Summary for the Week of July 6, 2020

Original release date: July 13, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of July 6, 2020

VMware Releases Security Update for VeloCloud

Original release date: July 8, 2020VMware has released a security update to address a vulnerability in VeloCloud. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and…

Comments Off on VMware Releases Security Update for VeloCloud

Citrix Releases Security Updates

Original release date: July 8, 2020Citrix has released security updates to address vulnerabilities in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix…

Comments Off on Citrix Releases Security Updates

CISA Releases Securing Industrial Control Systems: A Unified Initiative

Original release date: July 7, 2020The Cybersecurity and Infrastructure Security Agency (CISA) has released its five-year industrial control systems (ICS) strategy: Securing Industrial Control Systems: A Unified Initiative. The strategy—developed…

Comments Off on CISA Releases Securing Industrial Control Systems: A Unified Initiative

Vulnerability Summary for the Week of June 29, 2020

Original release date: July 6, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adobe -- bridge Adobe Bridge versions 10.0.1 and earlier version…

Comments Off on Vulnerability Summary for the Week of June 29, 2020

AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

Original release date: July 1, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced…

Comments Off on AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor