Nick Miles

Name of the Vulnerable Software and Affected Versions: WebIQ version 2.15.9 Description: The Windows version of WebIQ is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system. Recommendations: For version 2.15.9, consider restricting access to sensitive files and directories until a patch is available. As a temporary workaround, consider disabling any functionality that allows remote file access until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SimpliSafe SS3 firmware versions 1.0 through 1.3 **Description** The issue allows a local, unauthenticated attacker to bypass authentication using an alternate path or channel, enabling them to pair a rogue keypad to an armed system. **Recommendations** For SimpliSafe SS3 firmware versions 1.0 through 1.3, consider restricting access to the keypad pairing functionality until a patch is available. As a temporary workaround, monitor system activity closely for any signs of unauthorized keypad pairing. At the moment, there is no information about a newer version that contains a fix for this vulnerability.