Digital Vaccine #9452

    • Updated: 23 Sep 2020
    • Product/Version: TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9452      September 22, 2020
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com.

SMS customers can update the Digital Vaccine through the SMS client. From the top-line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above, all NGFW systems, and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9452.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9452.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters - 55
 Modified Filters (logic changes) - 82
 Modified Filters (metadata changes only) - 9
 Removed Filters - 1

Filters
----------------
 New Filters:
    38061: ZDI-CAN-11559: Zero Day Initiative Vulnerability (NETGEAR R7450)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting NETGEAR R7450.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38093: ZDI-CAN-11111: Zero Day Initiative Vulnerability (Horner Automation Cscape)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Horner Automation Cscape.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38095: ZDI-CAN-11795: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38096: ZDI-CAN-11793: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38097: ZDI-CAN-11737: Zero Day Initiative Vulnerability (Trend Micro OfficeScan)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Trend Micro OfficeScan.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38109: ZDI-CAN-11170: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric V-Server Lite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38110: ZDI-CAN-11482, ZDI-CAN-11483: Zero Day Initiative Vulnerability (Apache Dubbo)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Apache Dubbo.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38111: ZDI-CAN-11658: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38112: ZDI-CAN-11660: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38113: ZDI-CAN-11661: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38114: ZDI-CAN-11662: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38116: ZDI-CAN-11663: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38117: ZDI-CAN-11664: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38118: ZDI-CAN-11666: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38119: ZDI-CAN-11668: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric V-Server Lite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38120: ZDI-CAN-11669: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Fuji Electric V-Server Lite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38121: ZDI-CAN-11704: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fatek Automation WinProladder.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38122: ZDI-CAN-11707: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Moonshot)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise Moonshot.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38123: ZDI-CAN-11712: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38124: ZDI-CAN-11713: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38129: HTTP: Nagios XI account main.php Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Nagios XI.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-10821
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 22, 2020

    38132: HTTP: Jenkins Amazon EC2 Plugin Cross-Site Request Forgery Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-2186 CVSS 4.3
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38140: HTTP: Artica Proxy fw.progress.details.php Directory Traversal Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Artica Proxy.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-13158
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 22, 2020

    38142: HTTP: Studio-42 elFinder Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Studio-42 elFinder.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-9194
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: UNIX/Linux Server Application or Service
      - Release Date: September 22, 2020

    38143: HTTP: Mambo MOStlyCE Information Disclosure Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Mambo MOStlyCE.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2008-7212
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: September 22, 2020

    38144: ZDI-CAN-11369: Zero Day Initiative Vulnerability (D-Link DAP-2020)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting D-Link DAP-2020.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38145: ZDI-CAN-11714: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation TPEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38146: ZDI-CAN-11727: Zero Day Initiative Vulnerability (Foxit Reader)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Foxit Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38147: ZDI-CAN-11746, ZDI-CAN-11749: Zero Day Initiative Vulnerability (Trend Micro Apex One)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Trend Micro Apex One.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38148: ZDI-CAN-11757: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation TPEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38149: ZDI-CAN-11758: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation TPEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38150: ZDI-CAN-11794: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38151: ZDI-CAN-11802: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fatek Automation FvDesigner.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38152: ZDI-CAN-11807: Zero Day Initiative Vulnerability (OMRON CX-One)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting OMRON CX-One.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38153: ZDI-CAN-11809: Zero Day Initiative Vulnerability (OMRON CX-One)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting OMRON CX-One.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38154: ZDI-CAN-11822: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38155: ZDI-CAN-11823: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38156: ZDI-CAN-11824: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38158: ZDI-CAN-11830: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Moonshot)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise Moonshot Provisioning Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38159: ZDI-CAN-11849: Zero Day Initiative Vulnerability (Schneider Electric EcoStruxure)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Schneider Electric EcoStruxure.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38160: ZDI-CAN-11850: Zero Day Initiative Vulnerability (Schneider Electric EcoStruxure)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Schneider Electric EcoStruxure.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38161: ZDI-CAN-11856: Zero Day Initiative Vulnerability (D-Link DAP-2020)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting D-Link DAP-2020.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38162: ZDI-CAN-11871: Zero Day Initiative Vulnerability (Microsoft Chakra)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Microsoft Chakra.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38163: ZDI-CAN-11874,ZDI-CAN-11875: Zero Day Initiative Vulnerability (Microsoft Internet Explorer)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Microsoft Internet Explorer.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 22, 2020

    38165: HTTP: WordPress WP EasyCart File Upload
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to upload a file to the WordPress WP EasyCart plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-9308
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 22, 2020

    38167: HTTP: FasterXML jackson-databind Remote Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a remote code execution vulnerability in FasterXML jackson-databind.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-9547
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 22, 2020

    38168: HTTP: Misskey Cross-Site Scripting Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in the microblogging platform Misskey.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-1020010
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: UNIX/Linux Server Application or Service
      - Release Date: September 22, 2020

    38169: HTTP: Pulse Connect Secure Code Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code injection vulnerability in Pulse Connect Secure.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-8218
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: September 22, 2020

    38170: HTTP: Cisco Adaptive Security Appliance Privilege Escalation Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a privilege escalation vulnerability affecting Cisco Adaptive Security Appliance (ASA).
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-15465
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: September 22, 2020

    38175: HTTP: Proxifier Proxy Client Version Check Attempt
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects a software version check request from Proxifier.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: September 22, 2020

    38176: HTTP: Delta Industrial Automation CNCSoft ScreenEditor DPB Out-Of-Bounds Read (ZDI-19-412)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10949
        - Zero Day Initiative: ZDI-19-412
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: September 22, 2020

    38177: HTTP: Delta Industrial Automation CNCSoft ScreenEditor DPB Out-Of-Bounds Read (ZDI-19-414)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10949
        - Zero Day Initiative: ZDI-19-414
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: September 22, 2020

    38178: HTTP: Delta Industrial Automation CNCSoft ScreenEditor DPB Out-Of-Bounds Read (ZDI-19-416)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10949
        - Zero Day Initiative: ZDI-19-416
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: September 22, 2020

    38179: HTTP: NEC ESMPRO Manager RMI Deserialization Vulnerability (ZDI-20-684)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a deserialization vulnerability in NEC ESMPRO Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-10917
        - Zero Day Initiative: ZDI-20-684
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 22, 2020

    38182: HTTP: Wibu-Systems CodeMeter Protocol Remote Communications
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects Wibu-Systems CodeMeter protocol communications.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Forbidden Application Access or Service Request
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Client Application
      - Release Date: September 22, 2020

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 8610: SNMP: Microsoft Windows GetBulk Request Buffer Overflow
      - IPS Version: 3.1.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Release Date: October 08, 2009
      - Last Modified Date: September 22, 2020

    20736: HTTP: Advantech WebAccess Dashboard uploadImageCommon File Upload Vulnerability (ZDI-16-128)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: September 15, 2015
      - Last Modified Date: September 22, 2020

    33540: HTTP: HPE IMC ictExpertCSVDownload EL Injection Vulnerability (ZDI-19-264,ZDI-20-157,158,166)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33540: HTTP: HPE Intelligent Management Center ictExpertCSVDownload EL Injection Vulnerability (ZDI-19-264)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 27, 2018
      - Last Modified Date: September 22, 2020

    * 34863: HTTP: Apple Safari Integer Overflow Vulnerability (ZDI-19-765)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "34863: PWN2OWN ZDI-CAN-8359: Zero Day Initiative Vulnerability (Apple Safari)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 26, 2019
      - Last Modified Date: September 22, 2020

    35037: HTTP: Phoenix Contact Automationworx BCP File Parsing Use-After-Free Vulnerability (ZDI-19-578)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35037: ZDI-CAN-7780: Zero Day Initiative Vulnerability (Phoenix Contact Automationworx)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 30, 2019
      - Last Modified Date: September 22, 2020

    35057: HTTP: EZAutomation EZTouch EZP Buffer Overflow Vulnerability (ZDI-19-700)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35057: ZDI-CAN-7890: Zero Day Initiative Vulnerability (EZAutomation EZTouch Editor)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 30, 2019
      - Last Modified Date: September 22, 2020

    * 35117: HTTP: Microsoft Windows DirectWrite Integer Overflow Vulnerability (ZDI-19-581)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35117: ZDI-CAN-8331: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 07, 2019
      - Last Modified Date: September 22, 2020

    35164: HTTP: Microsoft Windows OleCreateFontIndirectExt Out-Of-Bounds Read Vulnerability (ZDI-19-670)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35164: ZDI-CAN-7959: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35166: HTTP: Apple Safari FontFace Use-After-Free Vulnerability (ZDI-19-537)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35166: ZDI-CAN-7970: Zero Day Initiative Vulnerability (Apple Safari)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35167: HTTP: EZAutomation EZPLC EZC File Parsing Memory Corruption Vulnerability (ZDI-19-701)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35167: ZDI-CAN-8028: Zero Day Initiative Vulnerability (EZAutomation EZPLC EZC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35175: HTTP: Advantech WebAccess Heap-based Buffer Overflow Vulnerability (ZDI-19-590)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35175: ZDI-CAN-8067: Zero Day Initiative Vulnerability (Advantech WebAccess)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35176: HTTP: Advantech WebAccess Node BwPAlarm Heap-based Buffer Overflow Vulnerability (ZDI-19-591)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35176: ZDI-CAN-8068: Zero Day Initiative Vulnerability (Advantech WebAccess)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35273: HTTP: Adobe Photoshop JSX File ExtendScript Denial-Of-Service Vulnerability (ZDI-19-778)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35273: ZDI-CAN-8519: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35274: HTTP: Adobe Photoshop PostScript sbw Heap-based Buffer Overflow Vulnerability (ZDI-19-734)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35274: ZDI-CAN-8520: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35275: HTTP: Adobe Photoshop JSX File ExtendScript Security Bypass Vulnerability (ZDI-19-779)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35275: ZDI-CAN-8521: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    35276: HTTP: Adobe Photoshop JSX ExtendScript Security Bypass Vulnerability (ZDI-19-739)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35276: ZDI-CAN-8522: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 21, 2019
      - Last Modified Date: September 22, 2020

    * 35335: HTTP: Microsoft Windows DirectWrite Integer Underflow Vulnerability (ZDI-19-654)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35335: ZDI-CAN-8332: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35347: HTTP: Adobe Photoshop JSX File ExtendScript Information Disclosure Vulnerability (ZDI-19-772)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35347: ZDI-CAN-8500: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35348: HTTP: Adobe Photoshop JSX File ExtendScript Vulnerability (ZDI-19-773)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35348: ZDI-CAN-8501: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35363: HTTP: Adobe Photoshop PostScript load Heap-based Buffer Overflow Vulnerability (ZDI-19-729)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35363: ZDI-CAN-8480: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35365: HTTP: Adobe Photoshop PostScript put Out-Of-Bounds Write Vulnerability (ZDI-19-730)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35365: ZDI-CAN-8481: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35366: HTTP: Adobe Photoshop JSX File ExtendScript Code Execution Vulnerability (ZDI-19-771)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35366: ZDI-CAN-8499: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35367: HTTP: Adobe Photoshop JSX File ExtendScript Code Execution Vulnerability (ZDI-19-770)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35367: ZDI-CAN-8498: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35368: HTTP: Adobe Photoshop JSX File ExtendScript Code Execution Vulnerability (ZDI-19-769)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35368: ZDI-CAN-8497: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35369: HTTP: Adobe Photoshop JSX File ExtendScript Vulnerability (ZDI-19-768)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35369: ZDI-CAN-8496: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35371: HTTP: Adobe Photoshop PostScript put Out-Of-Bounds Write Vulnerability (ZDI-19-731)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35371: ZDI-CAN-8482: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35372: HTTP: Adobe Photoshop PostScript put Out-Of-Bounds Write Vulnerability (ZDI-19-732)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35372: ZDI-CAN-8490: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35374: HTTP: Foxit Reader AcroForm exportValues Use-After-Free Vulnerability (ZDI-19-630)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35374: ZDI-CAN-8491: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2019
      - Last Modified Date: September 22, 2020

    35387: HTTP: Adobe Photoshop PostScript callothersubr Out-Of-Bounds Read Vulnerability (ZDI-19-737)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35387: ZDI-CAN-8554: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 11, 2019
      - Last Modified Date: September 22, 2020

    35402: HTTP: Rockwell Automation Arena Simulation DOE Parsing Use-After-Free Vulnerability (ZDI-19-693)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35402: ZDI-CAN-8016: Zero Day Initiative Vulnerability (Rockwell Automation Arena Simulation)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 11, 2019
      - Last Modified Date: September 22, 2020

    35460: HTTP: Fuji Electric Alpha5 WPA File Parsing Stack-based Buffer Overflow Vulnerability (ZDI-19-820)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35460: ZDI-CAN-8590: Zero Day Initiative Vulnerability (Fuji Electric Alpha5)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2019
      - Last Modified Date: September 22, 2020

    * 35466: HTTP: Microsoft Windows gdiplus Font Parsing Uninitialized Pointer Vulnerability (ZDI-19-573)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35466: ZDI-CAN-8094: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 11, 2019
      - Last Modified Date: September 22, 2020

    35471: HTTP: Apple Safari operationPutByValOptimize Out-Of-Bounds Read Vulnerability (ZDI-19-683)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35471: ZDI-CAN-8489: Zero Day Initiative Vulnerability (Apple Safari)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 11, 2019
      - Last Modified Date: September 22, 2020

    35530: HTTP: Foxit Reader Text removeField Use-After-Free Vulnerability (ZDI-19-632)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35530: ZDI-CAN-8656: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 02, 2019
      - Last Modified Date: September 22, 2020

    35535: HTTP: Foxit PhantomPDF Button Calculate Use-After-Free Vulnerability (ZDI-19-634,ZDI-19-633)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35535: ZDI-CAN-8757,8759: Zero Day Initiative Vulnerability (Foxit PhantomPDF)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2019
      - Last Modified Date: September 22, 2020

    35550: HTTP: Apple Safari bind Type Confusion Vulnerability (ZDI-19-679)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35550: ZDI-CAN-8542: Zero Day Initiative Vulnerability (Apple Safari)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2019
      - Last Modified Date: September 22, 2020

    35581: HTTP: Foxit Reader Format String Vulnerability (ZDI-19-635)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35581: ZDI-CAN-8544: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 25, 2019
      - Last Modified Date: September 22, 2020

    35772: HTTP: Microsoft Windows user32 Cursor Parsing Out-Of-Bounds Read Vulnerability (ZDI-19-781)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35772: ZDI-CAN-8748: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 06, 2019
      - Last Modified Date: September 22, 2020

    36279: HTTP: Microsoft Windows Kernel Type 1 Font Processing Buffer Overflow Vulnerability (ZDI-19-986)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36279: ZDI-CAN-9373: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 08, 2019
      - Last Modified Date: September 22, 2020

    36287: HTTP: Cisco Data Center Network Manager getisls SQL Injection Vulnerability (ZDI-20-035, ZDI-20-036)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36287: ZDI-CAN-9073,9074: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 15, 2019
      - Last Modified Date: September 22, 2020

    36498: HTTP: Advantech WISE-PaaS/RMM SQLMgmt CreateTable SQL Injection Vulnerability (ZDI-19-956)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36498: ZDI-CAN-9144: Zero Day Initiative Vulnerability (Advantech WISE-PaaS/RMM)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 29, 2019
      - Last Modified Date: September 22, 2020

    36512: HTTP: Cisco DCNM SQL Injection Vulnerability (ZDI-20-097,ZDI-20-098,ZDI-20-099)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36512: ZDI-CAN-9289,9300,9301: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 05, 2019
      - Last Modified Date: September 22, 2020

    36614: HTTP: Xiaomi Mi9 Browser Untrusted Site Redirection Vulnerability (Pwn2Own ZDI-20-287)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36614: PWN2OWN ZDI-CAN-9656: Zero Day Initiative Vulnerability (Xiaomi Browser)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 12, 2019
      - Last Modified Date: September 22, 2020

    36616: HTTP: Samsung Galaxy S10 Out-Of-Bounds Write Vulnerability (Pwn2Own ZDI-20-253)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36616: PWN2OWN ZDI-CAN-9654: Zero Day Initiative Vulnerability (Samsung Galaxy S10)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 12, 2019
      - Last Modified Date: September 22, 2020

    36617: HTTP: Xiaomi Browser ParseFormalParameterList Memory Corruption Vulnerability (Pwn2Own ZDI-20-286)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36617: PWN2OWN ZDI-CAN-9646: Zero Day Initiative Vulnerability (Xiaomi Browser)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 12, 2019
      - Last Modified Date: September 22, 2020

    * 36619: HTTP: Sony X800G Smart TV Vewd Out-Of-Bounds Read Vulnerability (Pwn2Own ZDI-20-126)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36619: PWN2OWN ZDI-CAN-9641: Zero Day Initiative Vulnerability (Sony X800G)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 12, 2019
      - Last Modified Date: September 22, 2020

    36620: HTTP: Xiaomi Mi9 Browser manualUpgradeInfo Cross-Site Scripting Vulnerability (Pwn2Own ZDI-20-289)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36620: PWN2OWN ZDI-CAN-9665: Zero Day Initiative Vulnerability (Xiaomi Browser)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 12, 2019
      - Last Modified Date: September 22, 2020

    36636: HTTP: NETGEAR R6700 UPnP SOAPAction Authentication Bypass Vulnerability (Pwn2Own ZDI-20-703)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36636: PWN2OWN ZDI-CAN-9642: Zero Day Initiative Vulnerability (Netgear Nighthawk AC1750)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 19, 2019
      - Last Modified Date: September 22, 2020

    36644: HTTP: Advantech WISE-PaaS/RMM Multiple Endpoint XXE Vulnerability (ZDI-19-939,ZDI-19-945)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36644: ZDI-CAN-9086,9213: Zero Day Initiative Vulnerability (Advantech WISE-PaaS/RMM)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 19, 2019
      - Last Modified Date: September 22, 2020

    36646: HTTP: Cisco DCNM getVpcCount SQL Injection Vulnerability (ZDI-20-081,ZDI-20-084)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36646: ZDI-CAN-9201,9207: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 19, 2019
      - Last Modified Date: September 22, 2020

    36667: HTTP: NETGEAR R6700 UPnP NewBlockSiteName Buffer Overflow Vulnerability (Pwn2Own ZDI-20-704)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36667: PWN2OWN ZDI-CAN-9643: Zero Day Initiative Vulnerability (Netgear Nighthawk AC1750)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 26, 2019
      - Last Modified Date: September 22, 2020

    36680: HTTP: Cisco Data Center Network Manager getList SQL Injection Vulnerability (ZDI-20-085, ZDI-20-086)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36680: ZDI-CAN-9208,9209: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 26, 2019
      - Last Modified Date: September 22, 2020

    36684: HTTP: Cisco DCNM SQL Injection Vulnerability (ZDI-20-089,090,091,092)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36684: ZDI-CAN-9215-9218: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 26, 2019
      - Last Modified Date: September 22, 2020

    36685: HTTP: Cisco DCNM getFlowStatListES SQL Injection Vulnerability (ZDI-20-042, ZDI-20-044)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36685: ZDI-CAN-9219,9223: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 26, 2019
      - Last Modified Date: September 22, 2020

    36686: HTTP: Cisco DCNM getLanIslStatListES SQL Injection Vulnerability (ZDI-20-041,043,045,049)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36686: ZDI-CAN-9220,9222,9224,9225: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 26, 2019
      - Last Modified Date: September 22, 2020

    36690: HTTP: Cisco Data Center Network Manager XXE Vulnerability (ZDI-20-114,ZDI-20-120)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36690: ZDI-CAN-9247,9248: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 26, 2019
      - Last Modified Date: September 22, 2020

    36702: HTTP: Advantech DiagAnywhere Buffer Overflow Vulnerability (ZDI-19-1017,1018,1019,1021)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36702: ZDI-CAN-9485,9486,9487,9489: Zero Day Initiative Vulnerability (Advantech diagAnywhere)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: December 03, 2019
      - Last Modified Date: September 22, 2020

    36703: HTTP: Advantech DiagAnywhere SET_CURR_DIR Buffer Overflow Vulnerability (ZDI-19-1020)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36703: ZDI-CAN-9488: Zero Day Initiative Vulnerability (Advantech diagAnywhere)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: December 03, 2019
      - Last Modified Date: September 22, 2020

    36747: HTTP: Advantech WebAccess/NMS extProgramAction File Upload Vulnerability (ZDI-20-386,387)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36747: ZDI-CAN-9579,9580: Zero Day Initiative Vulnerability (Advantech WebAccess/NMS)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: December 03, 2019
      - Last Modified Date: September 22, 2020

    36833: HTTP: VMware Workstation OVF NTLM Challenge Response Security Bypass Vulnerability (ZDI-20-369)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36833: ZDI-CAN-9345: Zero Day Initiative Vulnerability (VMware Workstation)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    36881: HTTP: Adobe Acrobat Pro DC TTF Font Parsing Out-Of-Bounds Write Vulnerability (ZDI-20-145)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36881: ZDI-CAN-9401: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    36891: HTTP: D-Link Multiple Routers HNAP PrivateLogin Authentication Bypass Vulnerability (ZDI-20-267)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36891: ZDI-CAN-9470: Zero Day Initiative Vulnerability (DLink DIR-882)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    * 36892: HTTP: D-Link Multiple Routers HNAP Authentication Bypass Vulnerability (ZDI-20-268)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36892: ZDI-CAN-9471: Zero Day Initiative Vulnerability (DLink DIR-882)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 11, 2020
      - Last Modified Date: September 22, 2020

    36893: HTTP: Quest Foglight Evolve CommandLineService Remote Code Execution Vulnerability (ZDI-20-290)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36893: ZDI-CAN-9553: Zero Day Initiative Vulnerability (Quest Foglight Evolve)".
      - Severity changed from "High" to "Critical".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    36931: HTTP: Advantech WebAccess/NMS MibbrowserTrapAddAction XXE Vulnerability (ZDI-20-382)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36931: ZDI-CAN-9575: Zero Day Initiative Vulnerability (Advantech WebAccess/SCADA)".
      - Category changed from "Exploits" to "Vulnerabilities".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    36947: HTTP: NETGEAR R6700 httpd Information Disclosure Vulnerability (ZDI-20-711)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36947: ZDI-CAN-9618: Zero Day Initiative Vulnerability (Netgear R6700)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    36977: HTTP: Trend Micro InterScan WSVA Command Injection Vulnerability (ZDI-20-676)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36977: ZDI-CAN-10095: Zero Day Initiative Vulnerability (Trend Micro InterScan)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    37002: HTTP: Rockwell Automation CopyRenameProject Directory Traversal Vulnerability (Pwn2Own ZDI-20-733)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37002: PWN2OWN ZDI-CAN-10292: Zero Day Initiative Vulnerability (Rockwall Automation Studio 5000)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 28, 2020
      - Last Modified Date: September 22, 2020

    37024: HTTP: Microsoft Windows user32 DIB Scaling Out-Of-Bounds Read Vulnerability (ZDI-20-578)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37024: ZDI-CAN-10402: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 11, 2020
      - Last Modified Date: September 22, 2020

    37025: HTTP: Microsoft Windows gdi32full StretchDIBitsImpl Out-Of-Bounds Read Vulnerability (ZDI-20-552)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37025: ZDI-CAN-10378: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 11, 2020
      - Last Modified Date: September 22, 2020

    37096: HTTP: NETGEAR R6700 httpd Firmware Upload Buffer Overflow Vulnerability (ZDI-20-712)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37096: ZDI-CAN-9703: Zero Day Initiative Vulnerability (Netgear R6700)".
      - Severity changed from "High" to "Critical".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 18, 2020
      - Last Modified Date: September 22, 2020

    37170: HTTP: NETGEAR R6700 httpd strtblupgrade Buffer Overflow Vulnerability (ZDI-20-713)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37170: ZDI-CAN-9756: Zero Day Initiative Vulnerability (NETGEAR R6700)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 25, 2020
      - Last Modified Date: September 22, 2020

    37173: HTTP: NETGEAR R6700 httpd strtblupgrade Buffer Overflow Vulnerability (ZDI-20-708)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37173: ZDI-CAN-9767: Zero Day Initiative Vulnerability (NETGEAR R6700)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 25, 2020
      - Last Modified Date: September 22, 2020

    37182: HTTP: Advantech WebAccess/NMS DBUtil SQL Injection Vulnerability (ZDI-20-424,427,440)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37182: ZDI-CAN-9803,9806,9822: Zero Day Initiative Vulnerability (Advantech WebAccess/NMS)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 25, 2020
      - Last Modified Date: September 22, 2020

    37190: HTTP: Advantech WebAccess/NMS DBUtil SQL Injection Vulnerability (ZDI-20-433,434,435,436)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37190: ZDI-CAN-9815-9818: Zero Day Initiative Vulnerability (Advantech WebAccess/NMS)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 25, 2020
      - Last Modified Date: September 22, 2020

    37467: HTTP: WECON LeviStudioU TrendSet WordAddr Buffer Overflow (ZDI-20-1055-58, ZDI-20-1071)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37467: ZDI-CAN-10528-32: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 07, 2020
      - Last Modified Date: September 22, 2020

    37475: HTTP: WECON LeviStudioU Disc WordAddr4 Buffer Overflow (ZDI-20-1064-65, ZDI-20-1072-74)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37475: ZDI-CAN-10538-42: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 07, 2020
      - Last Modified Date: September 22, 2020

    37476: HTTP: WECON LeviStudioU Alarm bitaddr/WordAddr Buffer Overflow (ZDI-20-1066, ZDI-20-1075)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37476: ZDI-CAN-10543-44: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 07, 2020
      - Last Modified Date: September 22, 2020

    37478: HTTP: WECON LeviStudioU WordAlarmSet WordAddr9 Buffer Overflow Vulnerability (ZDI-20-1068)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37478: ZDI-CAN-10547: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 07, 2020
      - Last Modified Date: September 22, 2020

    37651: HTTP: HPE Pay per use UCS Meter DownloadServlet Directory Traversal Vulnerability (ZDI-20-1098)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37651: ZDI-CAN-10602: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise UCS Meter)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 28, 2020
      - Last Modified Date: September 22, 2020

    37652: HTTP: HPE Pay per use UCS Meter Directory Traversal Vulnerability (ZDI-20-1099)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37652: ZDI-CAN-10603: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise UCS Meter)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 28, 2020
      - Last Modified Date: September 22, 2020

    * 38166: MS-NRPC: Microsoft Windows Netlogon Authentication Bypass Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: September 15, 2020
      - Last Modified Date: September 22, 2020

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    33858: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-334,ZDI-20-192)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33858: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-334)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: December 25, 2018
      - Last Modified Date: September 22, 2020

    * 35404: HTTP: Microsoft Word Table Out-Of-Bounds Write Vulnerability (ZDI-19-572)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Release Date: June 11, 2019
      - Last Modified Date: September 22, 2020

    35774: HTTP: Fuji Electric Alpha5 SDP File Parsing Buffer Overflow Vulnerability (ZDI-19-763)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.
      - Release Date: August 06, 2019
      - Last Modified Date: September 22, 2020

    36097: HTTP: Advantech WISE-PaaS/RMM RecoveryMgmt XML Information Disclosure (ZDI-19-936,942,943,959)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.
      - Release Date: September 03, 2019
      - Last Modified Date: September 22, 2020

    36271: HTTP: Cisco Data Center Network Manager getLicenses SQL Injection Vulnerability (ZDI-20-031)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.
      - Release Date: October 15, 2019
      - Last Modified Date: September 22, 2020

    36312: HTTP: Advantech WISE-PaaS/RMM AccountMgmt activateAccount XML Information Disclosure (ZDI-19-953)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.
      - Release Date: October 15, 2019
      - Last Modified Date: September 22, 2020

    * 36696: HTTP: Microsoft Office Graph Buffer Overflow Vulnerability (ZDI-20-127)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36696: HTTP: Microsoft Office Graph Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: November 26, 2019
      - Last Modified Date: September 22, 2020

    36894: HTTP: Cisco UCS Director downloadFile Directory Traversal Vulnerability (ZDI-20-538)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.
      - Release Date: February 04, 2020
      - Last Modified Date: September 22, 2020

    36943: HTTP: Adobe Acrobat Reader DC Annotation Use-After-Free Vulnerability (ZDI-20-249)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36943: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: February 11, 2020
      - Last Modified Date: September 22, 2020

  Removed Filters:

    35349: ZDI-CAN-8502: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Release Date: June 04, 2019
  
Category: Configure; Troubleshoot; Deploy
Solution Id: TP000273319