Threatscape

All the following vulnerabilities were discovered either by Positive Research experts or by automated security products from Positive Technologies, including MaxPatrol and PT Application Inspector.

PT-2017-12

Fix date:	no patches available
Systems affected:	Intel Management Engine 11.x
Vendor:	Intel
Notification status:	26.07.2017 - Vendor gets vulnerability details

Medium (5.3) (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

PT-2017-11

Fix date:	no patches available
Vector:	Remote
Vendor:	ABB
Notification status:	02.04.2017 - Vendor gets vulnerability details

Medium (6.5) (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)

PT-2017-10

Fix date:	no patches available
Vector:	Remote
Vendor:	Hirschmann
Notification status:	16.03.2017 - Vendor gets vulnerability details

Medium (5.3) (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N)

PT-2017-09

Fix date:	no patches available
Vector:	Remote
Vendor:	Hirschmann
Notification status:	16.03.2017 - Vendor gets vulnerability details

Medium (4.2) (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)

PT-2017-08

Fix date:	no patches available
Vector:	Remote
Vendor:	Hirschmann
Notification status:	16.03.2017 - Vendor gets vulnerability details

High (7.5) (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)

PT-2017-07

Fix date:	no patches available
Vector:	Remote
Vendor:	Hirschmann
Notification status:	16.03.2017 - Vendor gets vulnerability details

High (7.8) (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

PT-2017-06: Race Condition in Linux

Fix date:	no patches available
Vector:	Local
Systems affected:	Linux Kernel 4.10.x
Vendor:	Linux
Notification status:	28.02.2017 - Vendor gets vulnerability details 10.03.2017 - Vendor releases fixed version and details 17.03.2017 - Public disclosure

High (7.8) (AV:N/AC:M/Au:N/C:C/I:P/A:N)

PT-2017-05

Fix date:	no patches available
Vector:	Remote
Vendor:	RocketChat
Notification status:	20.02.2017 - Vendor gets vulnerability details

High (7.0) (AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)

PT-2017-04

Fix date:	no patches available
Vector:	Local
Systems affected:	Kaspersky Embedded System Security
Vendor:	Kaspersky Labs
Notification status:	27.01.2017 - Vendor gets vulnerability details

High (8.8) (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

PT-2017-03: Buffer Overflow in Checker ATM Security

Fix date:	no patches available
Vector:	Remote
Systems affected:	Checker ATM Security
Vendor:	GMV
Notification status:	18.01.2017 - Vendor gets vulnerability details 06.04.2017 - Vendor releases fixed version and details 04.05.2017 - Public disclosure

Low (2.7) (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L)

PT-2017-02: Insufficient Permissions in Rockwell Automation Micrologix 1100 and 1400 PLC

Fix date:	no patches available
Vector:	Remote
Systems affected:	Rockwell Automation 1763 MicroLogix 1100 Controllers Rockwell Automation 1766 MicroLogix 1400 Controllers
Vendor:	Rockwell Automation
Notification status:	11.06.2015 - Vendor gets vulnerability details 05.01.2017 - Vendor releases fixed version and details 11.01.2017 - Public disclosure

Medium (6.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

PT-2017-01: Information Disclosure in Rockwell Automation Micrologix 1100 and 1400 PLC

Fix date:	no patches available
Vector:	Remote
Systems affected:	Rockwell Automation 1763 MicroLogix 1100 Controllers Rockwell Automation 1766 MicroLogix 1400 Controllers
Vendor:	Rockwell Automation
Notification status:	11.06.2015 - Vendor gets vulnerability details 05.01.2017 - Vendor releases fixed version and details 11.01.2017 - Public disclosure

Medium (4.3) (AV:N/AC:M/Au:N/C:N/I:N/A:P)

PT-2016-61: Denial of Service in the web interface to TP-Link wireless devices control system

Fix date:	no patches available
Vector:	Remote
Systems affected:	TP-LINK AC series models TP-LINK TL-MR series models TP-LINK TL-WA series models TP-LINK TL-WDR series models TP-LINK TL-WR series models
Vendor:	TP-Link
Notification status:	11.03.2015 - Vendor gets vulnerability details 20.02.2016 - Vendor releases fixed version and details 26.12.2016 - Public disclosure

High (7.2) (AV:L/AC:L/Au:N/C:C/I:C/A:C)

PT-2016-60

Fix date:	no patches available
Vector:	Local
Vendor:	SAP
Notification status:	16.12.2016 - Vendor gets vulnerability details

Medium (6.7) (AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:L)

PT-2016-59

Fix date:	no patches available
Vector:	Local
Vendor:	Schneider Electric
Notification status:	13.12.2016 - Vendor gets vulnerability details

Medium (6.1) (AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L)

PT-2016-58

Fix date:	no patches available
Vector:	Local
Vendor:	Schneider Electric
Notification status:	13.12.2016 - Vendor gets vulnerability details

Medium (5.0) (AV:N/AC:L/Au:N/C:N/I:P/A:N)

PT-2016-57

Fix date:	no patches available
Vector:	Remote
Vendor:	RocketChat
Notification status:	27.10.2016 - Vendor gets vulnerability details

Medium (5.0) (AV:N/AC:L/Au:N/C:N/I:P/A:N)

PT-2016-56

Fix date:	no patches available
Vector:	Remote
Vendor:	RocketChat
Notification status:	27.10.2016 - Vendor gets vulnerability details

Medium (6.4) (AV:N/AC:L/Au:N/C:P/I:P/A:N)

PT-2016-55

Fix date:	no patches available
Vector:	Remote
Vendor:	RocketChat
Notification status:	27.10.2016 - Vendor gets vulnerability details

High (7.8) (AV:N/AC:M/Au:N/C:C/I:P/A:N)

PT-2016-54

Fix date:	no patches available
Vector:	Remote
Vendor:	RocketChat
Notification status:	27.10.2016 - Vendor gets vulnerability details

Severity level

All levels

High

Medium

Low

Date filters

Date range

Year Year

Month Month

Starts:

Year Year

Month Month

Ends:

Year Year

Month Month

Vendor

Company name Company name

Systems affected

Software name Software name

Show threats with CVE-ID

Reset filter

Positive Technologies Application Inspector

Interesting Articles

September 14, 2017 Web Application Attack Statistics: Q2 2017
August 28, 2017 Disabling Intel ME 11 via undocumented mode
August 22, 2017 Cybersecurity Threatscape: Q2 2017