Eight vulnerabilities in Open Automation Software Platform could lead to information disclosure, improper authentication
OAS Platform allows various devices, including PLCs, servers, files, databases and internet-of-things platforms to communicate with one another and share data when they otherwise would be unable to because of their various protocols.
The driver is vulnerable to memory corruption if an adversary sends a specially crafted shader packer, which can lead to a memory corruption problem in the driver.
Out-of-bounds write vulnerabilities in popular chemistry software; Foxit PDF Reader issues could lead to remote code execution
Seven of the vulnerabilities included in today’s Vulnerability Roundup have a CVSS severity score of 9.8 out of a possible 10.
In all, Talos released 22 security advisories regarding Milesight products this month, nine of which have a CVSS score greater than 8, associated with 69 CVEs.