Following the iOS 14.5 recalibration, some iPhone 11 users have seen an improvement in their battery health percentage
Apple re-calibrated the battery health monitoring system…
Friday, October 30, 2020, 11:18 GMT
Before 5.04.114, a problem was discovered on Western Digital My Cloud NAS computers. They allow remote code execution with privilege escalation resulting from that.
The kernel for Linux has been patched to 4.14 LTS.
It has strengthened and hardened the security of the device’s administrative functions.
The admin user now has a password, and only a new security frontend has limited the admin dashboard and applications to admin access. Non-admin users are no longer authorized to view or connect with the device’s privileged CGI processes or applications, which decreases the operating system ‘s threat surface and eliminates many groups of bugs in remote code execution.
The admin dashboard now also supports HTTPS via Let’s Encrypt with automatic certificate creation.
If the user has been able to receive a legitimate certificate and the user can be correctly resolved by the browser, the browser will be immediately redirected to HTTPS when the admin dashboard is accessed.
Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution.
CVE Number: CVE-2020-12830
Reported by: Jae Young Jeong
Resolved vulnerability in FTP configuration that allowed full access to FTP shares.
Reported by: Miguel Carnero Gregorio
Addressed multiple remote code execution vulnerabilities that allowed escalation of privileges.