Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2390PUBLISHED: 2022-08-12
Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an application affected, this bug will let the attacker, gain th...
CVE-2022-2503PUBLISHED: 2022-08-12
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear targe...
CVE-2022-2779PUBLISHED: 2022-08-12
A vulnerability classified as critical was found in SourceCodester Gas Agency Management System. Affected by this vulnerability is an unknown functionality of the file /gasmark/assets/myimages/oneWord.php. The manipulation of the argument shell leads to unrestricted upload. The attack can be launche...
CVE-2022-38179PUBLISHED: 2022-08-12JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack
CVE-2022-38180PUBLISHED: 2022-08-12In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases
User Rank: Apprentice
6/24/2020 | 3:34:07 PM
I also believe it is too late to think in terms of telehealth systems as on-premise. Every telehealth system I have looked at in the last year (and there have been many) all connect to the cloud, even systems with on-premise servers have a cloud connection. We must treat telehealth privcy and security proactively or we will always be chasing the newest threats and vulnerabilities. Telehealth is not going away so we better secure it.
I would really like for more people to join our CSA Health Information Management work group and help develop best practices for securing all healthcrae in the cloud.