The flaws have been confirmed by Grandstream, but no firmware update has yet been issued.
Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts.
The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.
Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.
The “BootHole” bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks.
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.
Attackers are exploiting a high-severity vulnerability in Cisco’s network security software products, which is used by Fortune 500 companies.
The DJI GO 4 application open users’ sensitive data up for the taking, researchers allege.