Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-48176PUBLISHED: 2023-01-31Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow.
CVE-2022-45897PUBLISHED: 2023-01-31On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings.
CVE-2022-32528PUBLISHED: 2023-01-30A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read files in the IGSS project report directory when an attacker sends specific messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
CVE-2022-32529PUBLISHED: 2023-01-30
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versio...
CVE-2022-32747PUBLISHED: 2023-01-30
A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxureâ„¢ Cybersecurity Admin Expert (CAE) (Vers...
User Rank: Apprentice
1/13/2014 | 9:15:02 AM
Protecting your patterns
Hopefully, it won't come to the point of a breach in the first place. IBM and its partners are layering in "always aware" intelligence. You can't be in two places at once. So, if the smartphone you accidentally left at a restaurant is being fondled by fraudulent fingers, the pervasive system will recognize the offender's different touch pattern (even if your phone is unlocked) and lock your account.
In another example, imagine two purchases: $40 at a gas station, and $4,000 at Tiffany & Co. Today's fraud monitoring might see the diamond purchase as highly suspicious, and ignore the charge at the pump. But your digital guardian will know that your car has a near-full tank of fuel; that you don't usually re-fuel until you're down to about one quarter tank; not to mention that you're at the office when this charge appears. It will also know that you've been shopping for an engagement ring and have been spending your lunch hour window shopping outside the store.
This and other emerging learning systems will know you, help you, and protect you as we continue to generate more and more data, and put more and more of our lives online.