What Vulnerabilities Were Found

7% of all reported vulnerabilities in 2017 were found in SCADA products, down from 2. Top 10 vulnerabilities in connected devices. Vulnerabilities definition, capable of or susceptible to being wounded or hurt, as by a weapon: a vulnerable part of the body. 11 Security Vulnerabilities. Separately, the review also found two critical vulnerabilities in databases that support the website. we found that 44% of docker image scans had known vulnerabilities, and for which there were newer and more secure base image available. S Ballistic Missiles Systems 12/18/18 After a security audit by the Department of Defense Inspector General multiple cybersecurity flaws in U. Threats, Vulnerabilities and Exploits - oh my! Some of the most commonly used security are misunderstood or used as if they were synonymous. Adobe has released patches addressing the vulnerability. The attack vectors frequently used by malicious actors such as email attachments, compromised "watering hole" websites, and other tools often rely on taking advantage of unpatched vulnerabilities found in widely used software applications. A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using. 6, all versions prior to R410. Hackers found and disclosed 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers during during the IoT Village at DEF CON. We can see that more vulnerabilities were found in PHP, Python, Ruby, and Perl during 2016 in comparison to 2015, while fewer vulnerabilities were found in Java and. In addition, penetration testing involves modeling real-world threats in order to discover vulnerabilities. FDA Says Cybersecurity Vulnerabilities Found in Some Medtronic Devices More FILE PHOTO: The corporate logo of the U. Multiple Critical Vulnerabilities Found in Popular Motorized Hoverboards By Thomas Kilbride Not that long ago, motorized hoverboards were in the news - according to widespread reports, they had a tendency to catch on fire and even explode. Internet security threats are methods of abusing web technology to the detriment of a web site, its users, or even the internet at large. critical vulnerabilities found in customer security scans are listed by CVE number and ranked at three points in time: January 2005, June 2005 and January 2006. dll library by developers of commercial software. Three vulnerabilities have been found in Foscam security cameras. Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server TL;DR: by analysing the security of a camera, I found a pre-auth RCE as root against 1250 camera models. The Kimball team investigated the data further to determine the year over year vulnerabilities that were resolved and what percentage of vulnerabilities were new. 5% had an impact on the integrity of the product, and 61. Europe's biggest phone company Vodafone found evidence of a number of security vulnerabilities in Huawei equipment which could amount to "backdoors," according to Bloomberg. Vulnerability Assessment is supported for SQL Server 2012 and later , and can also be run on Azure SQL Database. Jan 03, 2018 · He told Forbes that the researchers "only have proof-of-concept code for local attacks. They arise from web sites that are misconfigured, that were inadvertently programmed with vulnerabilities, or that rely on components that are themselves vulnerable. A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using. Reportedly, two different vulnerabilities were found in the Philips IntelliSpace System that could allow hackers to steal patient information. 2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. In operational testing, DOD routinely found mission-critical cyber vulnerabilities in systems that were under development, yet program officials GAO met with believed their systems were secure and discounted some test results as unrealistic. One of the most unique vulnerabilities I found let me harvest the email accounts of users who used the. Food and Drug Administration (FDA) on Thursday said cybersecurity vulnerabilities were identified in Medtronic Plc's implantable cardiac devices, clinic programmers, and home monitors. 11 Security Vulnerabilities. And 2015 was quite the year with an average of 25 vulnerabilities per day (six a day. " On 8 October 2018, Intel is reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors. Ironically, the vulnerability was located in the pre-installed security app, Guard Provider. 8350 in the tested range. Hackers found and disclosed 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers during during the IoT Village at DEF CON. For information about the classic interface, see Vulnerabilities in the Classic Interface. Certain of these security terms are so closely related that it's worth examining these together. A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using. critical vulnerabilities found in customer security scans are listed by CVE number and ranked at three points in time: January 2005, June 2005 and January 2006. This pattern is. One of the most unique vulnerabilities I found let me harvest the email accounts of users who used the. 6, all versions prior to R410. What were the discovered vulnerabilities? There are 13 vulnerabilities found in EPYC, Ryzen, Ryzen Pro and Ryzen Mobile processors. Using these search engines, we found 279 instances of the two devices mentioned in the table of low severity vulnerabilities (or similar devices from the same manufacturers, using the same vulnerable software), out of which 214 (76%) were potentially vulnerable. simpleroute is a Managed Service Provider located South Burlington, Vermont that provides IT services, security and cloud services to small and medium sized businesses. The vulnerabilities were discovered in software provided by 760 different vendors, but the top 10 vendors were found to have 50% of the vulnerabilities: For the second year running, Oracle leads the pack, with 514 security vulnerabilities reported. Is this only a problem for TLS? No. [WOW] 32,003 Router Vulnerabilities Found - A nonprofit consumer advocacy group looked at 186 SOHO (small office/home office) WiFi routers from 14 U. By maintaining a current network view of all discovered vulnerabilities, including details such as when the vulnerabilities were found, what scan jobs reported them and to whom the vulnerability is assigned for remediation or mitigation, it helps your security teams prioritize tasks for remediation. In response to Bloomberg, Vodafone said that the router vulnerabilities were found and fixed in 2011 and the BNG flaws were found and fixed in 2012. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP) shares the RSA keys of the non-vulnerable server. Zimperium responsibly reported the vulnerabilities to Amazon, and the company yesterday deployed security patches for AWS FreeRTOS versions 1. Explaining how these flaws could trigger attacks, the report states that exploiting these vulnerabilities could allow attackers to execute arbitrary code, obtain local administrative access, and escalate. Sources claim the security holes were discovered between 2009 and 2011 but persisted beyond 2012. In 2017, the majority of vulnerabilities were found in HMI/SCADA components. Given the list, select which of the seven domains of a typical IT infrastructure is primarily impacted by the risk, threat, or vulnerability. The vulnerabilities found are disclosed by the finders using some of the common reporting mechanisms available. Each year, we like to look back on the previous year and learn what we can from all the patches, updates, and incidents that were experienced. measures" [1]. Most of the vulnerabilities were in router firmware, according to the researchers, with the sheer number of vulnerabilities caused by a combination of a reliance on open source projects for code. [12] On October 8, 2018, Intel is reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its Coffee Lake-R processors and onwards. For that reason, remediation should focus on base image fixes. The vulnerabilities behind the devastating Meltdown and Spectre attacks have existed for decades. The scan report gives you a high-level overview of the number and severity of vulnerabilities that were found: Clicking the Vulnerabilities tab will display a detailed report of all vulnerabilities. For information about the classic interface, see Vulnerabilities in the Classic Interface. 3% were related to improper input validation. I should probably check those out and remediate those issues. In addition to Italy, the vulnerabilities were found in Vodafone's UK, Germany, Spain, and. This is not the first time a vulnerability has been found in GoAhead. Control systems are vulnerable to cyber attack from inside and outside the control system network. These 37 vulnerabilities are found in 11 different families of software. In operational testing, DOD routinely found mission-critical cyber vulnerabilities in systems that were under development, yet program officials GAO met with believed their systems were secure and discounted some test results as unrealistic. 3 respectively NEW YORK, June 13, 2019 /PRNewswire/ — Two cybersecurity vulnerabilities. The vulnerabilities were identified by Elad Luz, Head of Research at CyberMDX. 7% of all reported vulnerabilities in 2017 were found in SCADA products, down from 2. If I recall, as well, there was poc code presented in the mid 2000s for bios hacks. A new security vulnerability has been found that only affects Intel CPUs - AMD users need not concern regarding this issue. In a call with WIRED, Intel says its own researchers were the first to discover the MDS vulnerabilities last year, and that it has now released fixes for the flaw in both hardware and software. If we want greater clarity in our purpose or deeper or meaningful spiritual lives, vulnerability is the path. One example is an insecure implementation of functions designed to read data from a socket, which was found in a commercial product. The Vulnerabilities page provides insight into your organization's vulnerabilities and the assets they were found on. It is possible for a remote attacker to abuse these vulnerabilities and gain command execution as root. Tomáš Foltýn 8 Aug 2018 - 03:19PM. Four groups of researchers independently found them within mere months of each other. Four issues were rated as medium, another four as low, and three as informational. Europe's biggest phone company Vodafone found evidence of a number of security vulnerabilities in Huawei equipment which could amount to "backdoors," according to Bloomberg. Let's analyzed the top five cyber security vulnerabilities. In a call with WIRED, Intel says its own researchers were the first to discover the MDS vulnerabilities last year, and that it has now released fixes for the flaw in both hardware and software. Separately, the review also found two critical vulnerabilities in databases that support the website. The report, which has. This repository contains some of the vulnerabilities that were found by our automatic vulnerability detection platform. Automated Vulnerability Assessment: A Case Study Kupsch and Miller major subsystems. Use it to proactively improve your database security. Dubbed Spoiler, the newfound security vulnerability was discovered by the Worcester Polytechnic Institute in partnership with the University of Lübeck, and affects all Intel CP. The vulnerabilities were discovered between 2009 and 2011 in Huawei's home internet routers, as well as its equipment used in parts of Vodafone's network infrastructure. The runner-up? Apple's iOS, with 375. The vulnerabilities were discovered in software provided by 760 different vendors, but the top 10 vendors were found to have 50% of the vulnerabilities: For the second year running, Oracle leads the pack, with 514 security vulnerabilities reported. This vulnerability is known as DROWN (CVE-2016-0800). Last year, 685 vulnerabilities were found versus 325 vulnerabilities that were found in 2013. 6, and all versions prior to R430. 806 unique vulnerabilities were found. On the mobile market, the Secunia team is reporting a total number of 80 vulnerabilities discovered in iOS, while only 10 were. Most of the vulnerabilities were in router firmware, according to the researchers, with the sheer number of vulnerabilities caused by a combination of a reliance on open source projects for code. Attackers could exploit the Bluetooth Low Energy(BLE) technology in Smart Scale and conduct DoS as well as change internal settings in the device. For each of these components, we then identify their high-level function and the way in which they interact, both with each other and with users. The scan report gives you a high-level overview of the number and severity of vulnerabilities that were found: Clicking the Vulnerabilities tab will display a detailed report of all vulnerabilities. In the past, most Bluetooth vulnerabilities and security flaws originated in issues with the protocol itself, which were resolved in version 2. Last year's Superfish. Although SQL Injection vulnerabilities are on the slight decline, XSS vulnerabilities, vulnerable JavaScript libraries, and WordPress related issues were found to each claim a significant 30% of the sampled targets. However, the app instead exposed 150 million users worldwide. io interface. 8372 and has been found to impact all the versions in this range. Ironically, the vulnerability was located in the pre-installed security app, Guard Provider. WhiteSource recently launched a new technology for prioritizing open source vulnerabilities based on the way they are used by the application - Effective Usage Analysis. The vulnerabilities were discovered in software provided by 760 different vendors, but the top 10 vendors were found to have 50% of the vulnerabilities: I would imagine Oracle is accurate on this table, as we have cataloged 570 vulnerabilites in 2013 from them. " That meant, in the real world, an attack would require the intruder to have found a way onto the computer. 0 base scores over 7 which are designated to security issues of high or critical risk levels. It is possible for a remote attacker to abuse these vulnerabilities and gain command execution as root. Researchers have found multiple critical flaws in the IT help desk software ManageEngine, made by Zoho Corp. 8372 and has been found to impact all the versions in this range. The remainder of vulnerabilities were found in cryptocurrency exchange Coinbase, Crypto. Introduction The Remote Desktop Protocol (RDP), also known as "mstsc" after the Microsoft built-in RDP client, is commonly used by technical users and IT staff to connect to / work on a remote computer. The attackers were found delivering malicious ActiveX-embedded documents via phishing emails. Being the gateways to internet-connected devices in networks, routers were unsurprisingly the devices on which most of the vulnerabilities were found. The researchers identified eleven vulnerabilities in total, of which none received the highest severity rating. acknowledged to Bloomberg that it found vulnerabilities going back years in equipment supplied by Huawei for the carrier's Italian business. 9, and; 97 vulnerabilities were identified as having a CVSS base score of 0-3. Among them were unauthorized access, hardcoded password for key store, and information disclosure. The report classified the four vulnerabilities as 'medium' severity. Removing it dropped it down to the standard number for a patched server - 20-50. Symantec helps consumers and organizations secure and manage their information-driven world. Apr 11, 2019 · Vulnerabilities have been found in the WPA3-Personal protocol that could allow adversaries to crack Wi-Fi passwords and gain access to encrypted traffic sent between a user's devices. Although SQL Injection vulnerabilities are on the slight decline, XSS vulnerabilities, vulnerable JavaScript libraries, and WordPress related issues were found to each claim a significant 30% of the sampled targets. They arise from web sites that are misconfigured, that were inadvertently programmed with vulnerabilities, or that rely on components that are themselves vulnerable. A new report has found that the number of high severity security vulnerabilities increased in 2014, and the Mac OS X and iOS operating systems dominate the chart, while Windows recedes. The Chinese tech giant has been fighting off US espionage allegations, as Washington is. The report, which has. Back on May 15, I approached Yuval Yarom with a few issues I had found in some TLS implementations. These are the vulnerabilities likely to attract the cybercriminals' attention. Four issues were rated as medium, another four as low, and three as informational. Multiple vulnerabilities were found in the Kaspersky Mail Gateway Web Management Console. Telecoms group Vodafone found security flaws in equipment supplied by China's Huawei to its Italian business in 2011 and 2012, the two companies said on Tuesday. Wireless presentation systems make it easier for users to display content on a screen or through a projector from laptops. Likewise OpenVPN Access Server, the commercial version, has also been updated to fix those of the vulnerabilities that were found to be present in the OpenVPN Access Server code as well. A significant increase from 424 vulnerabilities discovered in 2012. According to experts in web security audit, one is a buffer overflow flaw and the other is an out-of-bond write vulnerability that had been corrected as part of a European Commission-funded bug bounty program. A recent threat report from Symantec found that zero-day vulnerabilities were found about once a week in 2015, representing a big increase from 2014. In the paper published by Cyberreason, numerous vulnerabilities were found in a very affordable IP. Net framework. The state attribute in the vulnerability is reopened AND the last_found attribute in the vulnerability record is 1/1/19 or later. These specific vulnerabilities were found in the "helper tool," a feature that Shimo VPN. Symantec helps consumers and organizations secure and manage their information-driven world. For enterprise users, Windows Server 2007. But most of the vulnerabilities he found were actually in new code written specifically for Tizen within the last two years. "We also received confirmation from WHIS that they were exposed to the same vulnerabilities, and those were patched together with Amazon," zLabs says. Vulnerabilities. Being the gateways to internet-connected devices in networks, routers were unsurprisingly the devices on which most of the vulnerabilities were found. The report, which has. A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using. Vulnerable Packages. The exploits affect the firmware managing the AMD Secure Processor, as well as the chips used in some socket AM4 and socket TR4 desktop platforms running AMD silicon. " The vulnerabilities were found in software operating on Windows 10 systems. Injection vulnerabilities occur every time an application sends untrusted data to an interpreter. Some 15,038 new vulnerabilities were found in 2017, an increase in 53% from the 9,837 in 2016, according to Tenable's Vulnerability Intelligence Report: A. The flaws are described as an arbitrary file-deletion bug, a shell command-injection bug and a stack-based buffer oferflow vulnerability. Forgetting updates, product weakness and unresolved developer issues leave your clients wide open to computer security vulnerabilities. Among the audited codebases, 17% were found to contain a named vulnerability: Poodle was found in 8%, Freak and Drown were found in 5% and even Heartbleed, one of the most publicised of named. We also found 21,621 instances of devices like the access control PLC mentioned in. They're also problematic, but for different reasons that were not part of our research. The widespread microprocessor flaw that lets hackers "observe" passwords and other sensitive personal data on computers was discovered by Google several months ago, Intel CEO Brian Krzanich said. 6, all versions prior to R410. Three popular version control systems were found to contain vulnerabilities that could enable threat actors to steal source code. "The issues were identified by independent security testing, initiated by. io and were quite surprising to find. Telecoms group Vodafone found security flaws in equipment supplied by China's Huawei to its Italian business in 2011 and 2012, the two companies said on Tuesday. The denial of service vulnerabilities found have been fixed in OpenVPN 2. Vodafone Confirms It Found Security Vulnerabilities in Huawei Equipment. Vulnerabilities. Injection vulnerabilities. Click the Vulnerability Scan action button. To some extent, the risks that system vulnerability and malware bring may be the price we have to pay for living in a world where technology helps us to achieve our work and leisure objectives… more rapidly and more conveniently. Four data security vulnerabilities were found in CMS wireless networks, according to an OIG report. Multiple vulnerabilities were found in the Opsview Monitor, which would allow an attacker with access to the management console to execute commands on the operating system. Injection flaws are very common and affect a wide range of solutions. Pingault and colleagues used 35 polygenic. How many buildings were found to be. 22 and previous versions; Other products and versions might be affected, but they were not tested. The Chinese tech giant has been fighting off US espionage allegations, as Washington is. Explaining how these flaws could trigger attacks, the report states that exploiting these vulnerabilities could allow attackers to execute arbitrary code, obtain local administrative access, and escalate. "The bottom line is that it's not easy to secure these systems" Prakash said. The Kimball team investigated the data further to determine the year over year vulnerabilities that were resolved and what percentage of vulnerabilities were new. Click the Vulnerability Scan action button. 2% of the SCADA vulnerabilities were remotely exploitable, 73. For enterprise users, Windows Server 2007. Control systems are vulnerable to cyber attack from inside and outside the control system network. Food and Drug Administration issued communications that cybersecurity vulnerabilities were found in some Medtronic devices. io and were quite surprising to find. Most of the vulnerabilities were in router firmware, according to the researchers, with the sheer number of vulnerabilities caused by a combination of a reliance on open source projects for code. In all, seven vulnerabilities were discovered, each allowing an attacker to ultimately. The Chinese tech giant has been fighting off US espionage allegations, as Washington is. Dec 31, 2015 · Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple's Mac OS X, with 384 vulnerabilities. Internet security threats are methods of abusing web technology to the detriment of a web site, its users, or even the internet at large. As I read those sentences on vulnerability it brings home how courageous a journey it is to show up, be seen and truly be yourself. I should probably check those out and remediate those issues. ASSET VALUE, THREAT/HAZARD, VULNERABILITY, AND RISK 1 ASSET VALUE, THREAT/HAZARD, VULNERABILITY, AND RISK 1-1 Mitigating the threat of terrorist attacks against high occupancy buildings is a challenging task. Zero-day vulnerabilities present serious security risks, leaving you susceptible to zero-day attacks, which can result in potential damage to your computer or personal data. " It is also indicated that "Vulnerability is the core of all emotions and feelings" (p. Certain of these security terms are so closely related that it's worth examining these together. For each of these components, we then identify their high-level function and the way in which they interact, both with each other and with users. How to do it? 2 people found this helpful. Remote code execution bugs were among those found. January 31, 2019 A few months ago during a penetration test, we stumbled upon a Windows based mobile device management [MDM] system named SureMDM. The denial of service vulnerabilities found have been fixed in OpenVPN 2. 5% had an impact on the integrity of the product, and 61. In other words, it is a known issue that allows an attack to be successful. Researchers have found multiple critical flaws in the IT help desk software ManageEngine, made by Zoho Corp. Zimperium responsibly reported the vulnerabilities to Amazon, and the company yesterday deployed security patches for AWS FreeRTOS versions 1. a presentation at Black Hat throws up a security vulnerability that has been missed either because it were found to be. Food and Drug Administration (FDA) is shown in Silver Spring, Maryland. In other words, it is a known issue that allows an attack to be successful. To understand the vulnerabilities associated with control systems you must know the types of communications and operations associated with the control system as well as have an understanding of the how attackers are using the system vulnerabilities to their advantage. Lab Assessment Questions & Answers The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. They arise from web sites that are misconfigured, that were inadvertently programmed with vulnerabilities, or that rely on components that are themselves vulnerable. The vulnerabilities were found in multiple components of various Oracle products and, as it has become a regular behavior with each update, the list of affected products grows more and more. The first vulnerability has only been tested on the Microsoft Wireless Display Adapter V2 software versions 2. Try a product name, vendor name, CVE name, or an OVAL query. As I read those sentences on vulnerability it brings home how courageous a journey it is to show up, be seen and truly be yourself. A significant increase from 424 vulnerabilities discovered in 2012. ASUS Aura Sync v1. Search Vulnerability Database. The Department of Defense's Defense Digital Service and collaborative security platform HackerOne together announced the results Thursday of a recent Air Force-focused bug bounty — all in all, 120 vulnerabilities were found in the monthlong challenge, for which white-hat hackers were awarded a total of $130,000. The vulnerabilities behind the devastating Meltdown and Spectre attacks have existed for decades. FDA Says Cybersecurity Vulnerabilities Found in Some Medtronic Devices More FILE PHOTO: The corporate logo of the U. Separately, the review also found two critical vulnerabilities in databases that support the website. There were several areas of concern in configuration management. In the Internet of Things alone where 77% of the code was found to be open source, there was a whopping average of 677 vulnerabilities per application. Many factors must be considered in creating a safe building. I need to make a report with vulnerabilities that were not fixed within 12 months. Mmm, I have worked with some pretty hard core vulnerability finders, and I have to say while it is wise to consider maybe their vulnerabilities were found first by some government(s), very often they may not have been. To understand the vulnerabilities associated with control systems you must know the types of communications and operations associated with the control system as well as have an understanding of the how attackers are using the system vulnerabilities to their advantage. Interactions are particularly. In response to Bloomberg, Vodafone said that the router vulnerabilities were found and fixed in 2011 and the BNG flaws were found and fixed in 2012. A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using. Tomáš Foltýn 8 Aug 2018 - 03:19PM. The fewest vulnerabilities were found in the Health Savings Account applications, suggesting a higher regard for securing patient information and interactions than in the finance sector. In all, seven vulnerabilities were discovered, each allowing an attacker to ultimately. The vulnerabilities were discovered between 2009 and 2011 in Huawei's home internet routers, as well as its equipment used in parts of Vodafone's network infrastructure. A significant increase from 424 vulnerabilities discovered in 2012. Injection vulnerabilities occur every time an application sends untrusted data to an interpreter. This is not the first time a vulnerability has been found in GoAhead. Vendor Information, Solutions and Workarounds. To keep your computer and data safe, it's smart to take proactive and reactive security measures. During the audit process, Red4Sec recommended two minor modifications to the Nano code. However, the rest of the table is inaccurate because #2 is wrong. Among the audited codebases, 17% were found to contain a named vulnerability: Poodle was found in 8%, Freak and Drown were found in 5% and even Heartbleed, one of the most publicised of named. The latest version of Windows -- Windows 8. Researchers at Tenable have discovered a total of 15 vulnerabilities across eight wireless presentation systems, including flaws that can be exploited to remotely hack devices. The full list can be found in Appendix A & B. 715 of those vulnerabilities in "automated supply cabinets used to. Accuracy Comparison. Vulnerabilities. Three vulnerabilities have been found in Foscam security cameras. Cybellum's technology is build for automatic vulnerability detection, and not for exploitation, therefore no exploitation attempts were made to any of the submissions whatsoever. By maintaining a current network view of all discovered vulnerabilities, including details such as when the vulnerabilities were found, what scan jobs reported them and to whom the vulnerability is assigned for remediation or mitigation, it helps your security teams prioritize tasks for remediation. The vulnerabilities were discovered between 2009 and 2011 in Huawei's home internet routers, as well as its equipment used in parts of Vodafone's network infrastructure. Threat actors were found exploiting CVE-2018-1000861, a vulnerability in the Stapler web framework that is used by the Apache Jenkins open-source software development automation server with versions 2. Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. Zero-day vulnerabilities present serious security risks, leaving you susceptible to zero-day attacks, which can result in potential damage to your computer or personal data. What Vulnerabilities Were Found.