PSExec Privilege Escalation Vulnerability (CVE-2021-1733)

Microsoft has fixed a vulnerability in the PsExec utility that allows local users to gain elevated privileges on Windows devices. PsExec is a Sysinternals utility designed to allow administrators to perform various activities on remote computers, such as launching executables and displaying the output on the local computer or creating reverse shells. Threat actors commonly

F5 BIG-IP, BIG-IQ, and BIG-IP Advanced WAF/ASM Vulnerabilities

F5 Networks has published patches to address vulnerabilities in its BIG-IP products, four of which were rated as critical in severity. According to the security advisory, the following vulnerability affects BIG-IP applications used in enterprise-grade and modular software suites designed for data and app delivery, load balancing, traffic management, and other business functions. The vulnerabilities

Cisco Small Business VPN Router Vulnerabilities

Cisco addressed multiple pre-auth remote code execution (RCE) flaws in its small business VPN routers, the most severe of which could allow arbitrary code execution as the root user of an affected device. Tracked as CVE-2021-1289, CVE-2021-1290, CVE-2021-1291, CVE-2021-1292, CVE-2021-1293, CVE-2021-1294, and CVE-2021-1295, the vulnerabilities exist due to improper validation of HTTP requests to the

Cisco SD-WAN and Smart Software Manager Software Vulnerabilities

Security updates have been released by Cisco addressing several critical remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software. A. List of Vulnerabilities: Smart Software Manager Satellite Web UI Command Injection Vulnerabilities – Allows an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system.

Reolink’s P2P and NVR Vulnerabilities (CVE-2020-25169 and CVE-2020-25173)

Reolink’s cameras and NVRs (Network Video Recorders), typically used by homeowners and small businesses, critical infrastructure and industrial operators, have been found to have vulnerabilities in their Peer-to-Peer (P2P) feature, which raise potential security risks and implications for organizations. Two vulnerabilities were identified and tracked as CVE-2020-25169 and CVE-2020-25173. CVE-2020-25169, a cleartext of sensitive information