Digital Vaccine #9590

    • Updated: 22 Sep 2021
    • Product/Version: TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9590 - September 21, 2021
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above, and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9590.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9590.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters - 13
 Modified Filters (logic changes) - 55
 Modified Filters (metadata changes only) - 4
 Removed Filters - 1

Filters
----------------
  New Filters: 

    40178: HTTP: Nagios XI WatchGuard Wizard Watchguard.inc.php Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Nagios XI WatchGuard Wizard.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-37346
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 21, 2021

    40311: HTTP: Nagios XI Bulk Modification Tool bulkmodifications.inc.php SQL Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Nagios XI Bulk Modification Tool.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-37350
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 21, 2021

    40317: HTTP: Advantech R-SeeNet telnet_form.php Cross-Site Scripting Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Advantech R-SeeNet.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21799 CVSS 4.3
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 21, 2021

    40328: TCP: Oracle WebLogic Server Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Oracle WebLogic Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-2394
      - Classification: Vulnerability - Other
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service
      - Release Date: September 21, 2021

    40329: ZDI-CAN-15192: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Cisco Data Center Network Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: September 21, 2021

    40330: HTTP: Delta Industrial Automation DIAEnergie HandlerAlarmGroup.aspx SQL Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Delta Industrial Automation DIAEnergie.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-38393 CVSS 9.1
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Windows Server Application or Service
      - Release Date: September 21, 2021

    40332: HTTP: Adobe Acrobat DC Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-39845
      - Classification: Vulnerability - Buffer/Heap Overflow
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: September 21, 2021

    40333: HTTP: Adobe Acrobat DC Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-39846
      - Classification: Vulnerability - Buffer/Heap Overflow
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: September 21, 2021

    40334: HTTP: Adobe Acrobat DC CalRGB Out-of-Bounds Read Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat DC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-39844
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: September 21, 2021

    40336: HTTP: Adobe Acrobat Reader MessageHandler Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-39842
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: September 21, 2021

    40337: HTTP: Adobe Acrobat AcroForm deleteItemAt Use-After-Free Vulnerability (ZDI-21-1099)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-39837
        - Zero Day Initiative: ZDI-21-1099
      - Classification: Vulnerability - Buffer/Heap Overflow
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: September 21, 2021

    40346: TCP: Azure Open Management Infrastructure Unauthorized Command Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command execution vulnerability in OMI (Open Management Infrastructure) agent.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-38647
      - Classification: Vulnerability - Other
      - Protocol: TCP (Generic)
      - Platform: UNIX/Linux Server Application or Service
      - Release Date: September 21, 2021

    40349: HTTP: Microsoft MSHTML MHTML OLE Object Remote Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a code execution vulnerability in the Microsoft MSHTML rendering engine.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-40444
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: September 21, 2021

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    39100: HTTP: Microsoft SharePoint Unsafe Deserialization Vulnerability (ZDI-21-573)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: March 09, 2021
      - Last Modified Date: September 21, 2021

    39332: HTTP: Siemens JT2Go DGN File Parsing Use-After-Free Vulnerability (ZDI-21-987)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39332: ZDI-CAN-13413: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: September 21, 2021

    39333: HTTP: Siemens JT2Go DWG File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-986)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39333: ZDI-CAN-13412: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: September 21, 2021

    39334: HTTP: Siemens JT2Go DGN File Parsing Buffer Overflow Vulnerability (ZDI-21-985)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39334: ZDI-CAN-13411: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: September 21, 2021

    39335: HTTP: Siemens JT2Go DWG File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-984)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39335: ZDI-CAN-13410: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: September 21, 2021

    39336: HTTP: Siemens JT2Go DGN File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-983)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39336: ZDI-CAN-13409: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: September 21, 2021

    39337: HTTP: Siemens JT2Go DXF File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-982)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39337: ZDI-CAN-13408: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: September 21, 2021

    39340: HTTP: Siemens JT2Go PAR File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-981)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39340: ZDI-CAN-13405: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: September 21, 2021

    39407: HTTP: Fuji Electric Tellus Lite V9 File Parsing Memory Corruption Vulnerability (ZDI-21-1045)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39407: ZDI-CAN-13267: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39408: HTTP: Fuji Electric Tellus Lite V9 File Parsing Buffer Overflow Vulnerability (ZDI-21-1044)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39408: ZDI-CAN-13263: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39409: HTTP: Fuji Electric Tellus Lite V9 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-1043)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39409: ZDI-CAN-13260: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39410: HTTP: Fuji Electric Tellus Lite V9 File Parsing Buffer Overflow Vulnerability (ZDI-21-1042)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39410: ZDI-CAN-13257: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39411: HTTP: Fuji Electric Tellus Lite V9 File Parsing Buffer Overflow Vulnerability (ZDI-21-1041)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39411: ZDI-CAN-13256: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39412: HTTP: Fuji Electric Tellus Lite V9 File Parsing Buffer Overflow Vulnerability (ZDI-21-1040)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39412: ZDI-CAN-13255: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39413: HTTP: Fuji Electric Tellus Lite V9 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-1039)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39413: ZDI-CAN-13254: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39414: HTTP: Fuji Electric Tellus Lite V9 File Parsing Buffer Overflow Vulnerability (ZDI-21-1038)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39414: ZDI-CAN-13253: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39415: HTTP: Fuji Electric Tellus Lite V9 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-1037)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39415: ZDI-CAN-13252: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39433: HTTP: Siemens JT2Go DWG File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-980)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39433: ZDI-CAN-13378: Zero Day Initiative Vulnerability (Siemens JT2Go)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39448: HTTP: Fuji Electric Tellus Lite V-Simulator File Parsing Buffer Overflow Vulnerability (ZDI-21-1034)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39448: ZDI-CAN-13295: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39449: HTTP: Fuji Electric Tellus Lite V-Simulator File Parsing Buffer Overflow Vulnerability (ZDI-21-1033)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39449: ZDI-CAN-13294: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39450: HTTP: Fuji Electric Tellus Lite V-Simulator File Parsing Buffer Overflow Vulnerability (ZDI-21-1032)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39450: ZDI-CAN-13293: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39451: HTTP: Fuji Electric Tellus Lite V-Simulator Memory Corruption Vulnerability (ZDI-21-1031)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39451: ZDI-CAN-13292: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39455: HTTP: Fuji Electric Tellus Lite V-Simulator File Parsing Buffer Overflow Vulnerability (ZDI-21-1036)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39455: ZDI-CAN-13276: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39456: HTTP: D-Link DAP-2020 webproc var:page Stack-based Buffer Overflow Vulnerability (ZDI-21-979)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39456: ZDI-CAN-13271: Zero Day Initiative Vulnerability (D-Link DAP-2020)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39457: HTTP: D-Link DAP-2020 webproc var:menu Stack-based Buffer Overflow Vulnerability (ZDI-21-978)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39457: ZDI-CAN-13270: Zero Day Initiative Vulnerability (D-Link DAP-2020)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39462: HTTP: Fuji Electric Tellus Lite V-Simulator File Parsing Buffer Overflow Vulnerability (ZDI-21-1035)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39462: ZDI-CAN-13179: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39479: HTTP: D-Link DAP-2020 webproc Stack-based Buffer Overflow Vulnerability (ZDI-21-977)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39479: ZDI-CAN-12104: Zero Day Initiative Vulnerability (D-Link DAP-2020)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39480: HTTP: D-Link DAP-2020 webproc getpage Directory Traversal Vulnerability (ZDI-21-976)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39480: ZDI-CAN-12103: Zero Day Initiative Vulnerability (D-Link DAP-2020)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 06, 2021
      - Last Modified Date: September 21, 2021

    39517: HTTP: Fuji Electric Tellus Lite V-Simulator File Parsing Buffer Overflow Vulnerability (ZDI-21-1047)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39517: ZDI-CAN-13470: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 13, 2021
      - Last Modified Date: September 21, 2021

    39518: HTTP: Fuji Electric Tellus Lite V-Simulator V8 Out-Of-Bounds Write Vulnerability (ZDI-21-1049)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39518: ZDI-CAN-13469: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 13, 2021
      - Last Modified Date: September 21, 2021

    39519: HTTP: Fuji Electric Tellus Lite V-Simulator V8 Out-Of-Bounds Read Vulnerability (ZDI-21-1050)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39519: ZDI-CAN-13494: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 13, 2021
      - Last Modified Date: September 21, 2021

    39520: HTTP: Fuji Electric Tellus Lite V-Simulator V8 Memory Corruption Vulnerability (ZDI-21-1048)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39520: ZDI-CAN-13495: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 13, 2021
      - Last Modified Date: September 21, 2021

    39521: HTTP: Fuji Electric Tellus Lite V-Simulator V8 Memory Corruption Vulnerability (ZDI-21-1046)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39521: ZDI-CAN-13493: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 13, 2021
      - Last Modified Date: September 21, 2021

    39535: HTTP: Zoom Client Marketplace Memory Corruption Vulnerability (Pwn2Own ZDI-21-972)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39535: PWN2OWN ZDI-CAN-13616: Zero Day Initiative Vulnerability (Zoom Client)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 08, 2021
      - Last Modified Date: September 21, 2021

    39587: HTTP: Fatek Automation FvDesigner FPJ File Parsing Buffer Overflow Vulnerability (ZDI-21-1029)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39587: ZDI-CAN-13398: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    39595: HTTP: Delta Industrial Automation TPEditor Parsing Memory Corruption Vulnerability (ZDI-21-1023)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39595: ZDI-CAN-13073: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    39596: HTTP: Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Vulnerability (ZDI-21-1030)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39596: ZDI-CAN-13400: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    39598: HTTP: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-1028)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39598: ZDI-CAN-13392: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    39599: HTTP: Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Vulnerability (ZDI-21-1027)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39599: ZDI-CAN-13388: Zero Day Initiative Vulnerability (Fatek Automation FvDesigner)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    39604: HTTP: Siemens Solid Edge Viewer DFT File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-999)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39604: ZDI-CAN-12994: Zero Day Initiative Vulnerability (Siemens Solid Edge Viewer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    39605: HTTP: Siemens Solid Edge Viewer DFT File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-998)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39605: ZDI-CAN-12993: Zero Day Initiative Vulnerability (Siemens Solid Edge Viewer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    39607: HTTP: Microsoft Word glTF-SDK Out-Of-Bounds Write Vulnerability (ZDI-21-1024)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39607: ZDI-CAN-13401: Zero Day Initiative Vulnerability (Microsoft Word)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 27, 2021
      - Last Modified Date: September 21, 2021

    * 39937: HTTP: Microsoft Office Visio EMF File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-1079)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39937: ZDI-CAN-13828: Zero Day Initiative Vulnerability (Microsoft Office Visio)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 06, 2021
      - Last Modified Date: September 21, 2021

    39938: HTTP: Microsoft Visual Studio DDS File Parsing Buffer Overflow Vulnerability (ZDI-21-1076)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39938: ZDI-CAN-14041: Zero Day Initiative Vulnerability (Microsoft Visual Studio)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 06, 2021
      - Last Modified Date: September 21, 2021

    39939: HTTP: Adobe Acrobat Reader Type Confusion Vulnerability (ZDI-21-1092)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39939: ZDI-CAN-13877: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 06, 2021
      - Last Modified Date: September 21, 2021

    39970: HTTP: Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-1093)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39970: ZDI-CAN-14055: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 24, 2021
      - Last Modified Date: September 21, 2021

    39999: HTTP: Microsoft Word DOC File Parsing Use-After-Free Vulnerability (ZDI-21-1082)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39999: ZDI-CAN-13918: Zero Day Initiative Vulnerability (Microsoft Word)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 20, 2021
      - Last Modified Date: September 21, 2021

    * 40000: HTTP: Microsoft Excel XLS File Parsing Use-After-Free Vulnerability (ZDI-21-1080)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40000: ZDI-CAN-14118: Zero Day Initiative Vulnerability (Microsoft Excel)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 20, 2021
      - Last Modified Date: September 21, 2021

    * 40001: HTTP: Microsoft Office Visio EMF File Memory Corruption Vulnerability (ZDI-21-1081)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40001: ZDI-CAN-14194: Zero Day Initiative Vulnerability (Microsoft Office Visio)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 20, 2021
      - Last Modified Date: September 21, 2021

    * 40005: HTTP: Adobe Acrobat Reader DC AcroForm Field Use-After-Free Vulnerability (ZDI-21-1096)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40005: ZDI-CAN-14126: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 20, 2021
      - Last Modified Date: September 21, 2021

    40018: HTTP: Microsoft Office Word Converter Type Confusion Vulnerability (ZDI-21-1083)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40018: ZDI-CAN-14198: Zero Day Initiative Vulnerability (Microsoft Word)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 27, 2021
      - Last Modified Date: September 21, 2021

    * 40074: HTTP: Microsoft PowerPoint PPT File Parsing Use-After-Free Vulnerability (ZDI-21-1084)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40074: ZDI-CAN-14451: Zero Day Initiative Vulnerability (Microsoft Office PowerPoint)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 17, 2021
      - Last Modified Date: September 21, 2021

    * 40118: HTTP: Adobe Acrobat Reader DC AcroForm buttonGetCaption Use-After-Free Vulnerability (ZDI-21-1098)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40118: ZDI-CAN-14614: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 31, 2021
      - Last Modified Date: September 21, 2021

    * 40120: HTTP: Adobe Acrobat Reader DC Use-After-Free Vulnerability (ZDI-21-1101)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40120: ZDI-CAN-14597: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 31, 2021
      - Last Modified Date: September 21, 2021

    * 40121: HTTP: Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Vulnerability (ZDI-21-1100)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40121: ZDI-CAN-14606: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 31, 2021
      - Last Modified Date: September 21, 2021

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    24705: TCP: ysoserial Java Deserialization Tool Usage (ZDI-17-953)
      - IPS Version: 3.1.3 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.
      - Release Date: July 05, 2016
      - Last Modified Date: September 21, 2021

    29657: RPC: Advantech WebAccess Malicious IOCTL(ZDI-17-938-940,ZDI-18-009-025,18-029-054,18-058-063,18-483)
      - IPS Version: 3.2.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Release Date: October 03, 2017
      - Last Modified Date: September 21, 2021

    39940: RPC: Microsoft Windows AddPrinterDriverEx Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 01, 2021
      - Last Modified Date: September 21, 2021

    39954: RPC: Microsoft Windows AsyncEnumPrinterDrivers/AsyncAddPrinterDriver Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 06, 2021
      - Last Modified Date: September 21, 2021

  Removed Filters:

    40319: HTTP: Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Release Date: September 14, 2021

Category: Configure; Troubleshoot; Deploy
Solution Id: TP000289071