- Cyber Threat Intelligence, Notificação de Vulnerabilidades OT/ICS
OT-ICS NDV Monthly- January/2026
The highlights critical and high-severity vulnerabilities in industrial environments that may enable remote code execution, authentication bypass, and denial-of-service attacks, impacting widely used OT and ICS technologies.
- Cyber Threat Intelligence, SEK Security Advisory
DoS vulnerability in Palo Alto Networks GlobalProtect allows firewall disruption
Palo Alto Networks fixed a denial-of-service (DoS) vulnerability in GlobalProtect that can force PAN-OS and Prisma Access firewalls to restart or enter maintenance mode.
- Cyber Threat Intelligence, SEK Security Advisory
FortiSIEM: critical vulnerability allows unauthenticated remote code execution
Fortinet disclosed a critical vulnerability in FortiSIEM that enables unauthenticated remote code execution, posing significant risk to enterprise environments.
- Cyber Threat Intelligence, SEK Security Advisory
SAP fixes critical SQL injection and remote code execution vulnerabilities
SAP released critical fixes during its January Security Patch Day, addressing flaws that allow SQL injection and remote code execution in widely used enterprise environments.
- Cyber Threat Intelligence, SEK Security Advisory
Microsoft fixes over 110 vulnerabilities in January Patch Tuesday
Microsoft released its January 2026 Patch Tuesday, addressing 114 vulnerabilities across Windows, Office, and related components.
- Cyber Threat Intelligence, SEK Security Advisory
Fortinet warns of active exploitation of legacy vulnerabilities
#Resumo do(a) Post Fortinet has confirmed the active exploitation of CVE-2020-12812, a critical FortiOS SSL VPN flaw that enables 2FA authentication bypass in specific LDAP configurations.
- Cyber Threat Intelligence, Notificação de Vulnerabilidades OT/ICS
Monthly OT-ICS VN – December 2025
The December 2025 OT-ICS NDV highlights critical and high-severity vulnerabilities impacting industrial control environments.
- Cyber Threat Intelligence, SEK Security Advisory
Critical vulnerabilities in WatchGuard Fireware OS allow remote code execution
Critical flaws in WatchGuard Fireware OS (CVSS 9.3) enable unauthenticated remote code execution via IKEv2 VPNs.
- Cyber Threat Intelligence, SEK Security Advisory
Critical RCE vulnerability in n8n allows arbitrary code execution
A critical flaw in n8n (CVE-2025-68613 – CVSS 9.9) allows authenticated users to achieve remote code execution via expression injection in workflows.