Announcements

Tenable has released a security update to fix a critical vulnerability in multiple products. The mentioned vulnerability could allow the authenticated remote attacker to escalate privileges by modifying environment variables and abusing the impacted plugin on the affected system. Tenable.io, Tenable.sc, and Nessus Privilege Escalation (CVE-2023-0524): CVSS: 9.1 Attack Vector: Network Attack Complexity: Low Privileges Required: High User […]

QNAP has released a security update to address a critical vulnerability across QNAP QTS and QNAP QuTS hero. The severity of the addressed vulnerability could allow the remote unauthenticated attacker to inject and execute malicious code on the affected systems by sending specially crafted requests. QNAP running QTS and running QTS code execution (CVE-2022-27596): CVSS: 9.8 Attack Vector:

VMware has released security updates to fix multiple vulnerabilities in VMware vRealize Log Insight. The severity of the addressed vulnerabilities could allow the remote attacker to gain access, cause a denial of service attack, or obtain information from the affected systems. Sample of the addressed vulnerabilities: 1. VMware vRealize Log Insight Broken Access Control Vulnerability (CVE-2022-31704): • CVSS:

Tenable Nessus has released updated versions (Nessus 10.4.2, 8.15.8) to fix a privilege escalation vulnerability. The mentioned vulnerability could allow the authenticated attacker to execute a specially crafted file to obtain root or NT AUTHORITY/SYSTEM privileges on the affected Nessus host. Tenable Nessus Privilege Escalation Vulnerability (CVE-2023-0101): • CVSS: 9.1 • Attack Vector: Network • Attack Complexity: Low

Oracle released its critical patch updates for January 2023, containing (327) new security patches for multiple affected products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. This critical patch update provides security updates to fix several vulnerabilities that may be remotely exploitable without authentication in a wide range of product families,

ManageEngine has released a security update to address a critical vulnerability affecting multiple products. The severity of the addressed vulnerability could allow the remote attacker to execute arbitrary code on the system by sending a specially-crafted request. It should be highlighted that the admins of ManageEngine were warned about a proof-of-concept (POC) that has been created to exploit

Cisco has released security updates to address several vulnerabilities in multiple Cisco products. The released security updates fix several vulnerabilities affecting multiple Cisco products such as RV016, RV042, RV042G, and RV082 Routers, IP Phone 7800 and 8800 Series, Industrial Network Director (IND), and Cisco Webex Room Phone. The addressed vulnerabilities could allow the attacker to send a specially

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains a fix for an actively exploited zero-day vulnerability. Microsoft has fixed (98) vulnerabilities, with (11) classified as critical as they allow remote code execution, bypass security features, or elevation of privileges. January’s Patch Tuesday was released to fix security flaws in

SAP has released security updates to address several vulnerabilities affecting multiple products. In addition, SAP also announced (3) updates to the previously released patch day security notes. This month’s patch fixes several vulnerabilities affecting multiple SAP products such as SAP BPC MS 10.0, SAP BusinessObjects Business Intelligence platform, SAP NetWeaver Process Integration, SAP NetWeaver AS for Java, SAP NetWeaver

Linux kernel is affected by a critical issue in ksmbd before version 5.19.2. KSMBD is a Linux kernel server that implements SMB3 protocol in kernel space for sharing files over the network. The severity of the mentioned vulnerability could allow the remote attacker to execute code on the affected systems. Linux Kernel Ksmbd Use-After-Free Remote Code Execution

Referring to EG-FinCIRT report “Microsoft November 2022 Patch Tuesday” Number 257/2022, Threat actors and ransomware groups discovered a new exploit method that bypasses Microsoft Exchange “ProxyNotShell” mitigations. Threat actors leveraging a new exploit chain method called “OWASSRF” that bypasses blocking rules for “ProxyNotShell” (CVE-2022-41040 and CVE-2022-41082) vulnerabilities in Microsoft Exchange Server and taking advantage of the privilege escalation vulnerability

IBM has released security updates to fix third-party components vulnerabilities across multiple products. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, perform a Cross-Site Scripting attack, perform a Server-Side Request Forgery Attack (SSRF) attack, perform a Log Injection attack, execute arbitrary code and cause a denial of service attack on the affected products. Sample of

Tenable has released security updates to fix multiple vulnerabilities in Tenable’s third-party components (moment.js, handlebars). The severity of the addressed vulnerabilities could allow the remote attacker to gain access or cause a denial of service attack on the affected system. Samples of the addressed vulnerabilities: 1. Moment.js Directory Traversal (CVE-2022-24785): CVSS: 9.8 Attack Vector: Network Attack Complexity:

Tenable has released a security update to fix a vulnerability in Tenable.ad’s thirdparty component Erlang. The addressed vulnerability could allow the remote attacker to perform a client authentication bypass in certain client-certification situations for SSL, TLS, and DTLS via sending a specially-crafted request. The remote attacker could exploit this vulnerability to gain access to the affected system and bypass

Apple has released security updates to address multiple vulnerabilities in the updated version of macOS Big Sur 11.7.2, macOS Monterey 12.6.2, macOS Ventura 13.1, and Safari 16.2. In addition, the mentioned updates fix a zero-day vulnerability actively exploited in the wild. The severity of the addressed vulnerabilities could allow the remote attacker to gainaccess to sensitive information, bypass

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains fixes for two zero-day vulnerabilities. One has been exploited in the wild and the other has been publicly disclosed. Microsoft has fixed (49) vulnerabilities, with (6) classified as critical as they allow remote code execution, denial of service attack, or elevation

VMware has released security updates to fix vulnerabilities across multiple products. severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary commands via specially crafted requests to gain access and obtain information from the affected products. Sample of the addressed vulnerabilities: 1. VMware vRealize Network Insight command execution (CVE-2022-31702) • CVSS: 9.8 • Attack Vector:

VMware has released security updates to fix a zero-day vulnerability across multiple products. The addressed vulnerability could allow the attacker with local administrative privileges on a virtual machine to execute code to gain access to the affected products. Heap out-of-bounds write vulnerability in EHCI controller (CVE-2022-31705) • CVSS: 9.3 • Attack Vector: Local • Attack Complexity:

Citrix has released security updates to fix a critical zero-day vulnerability in Citrix ADC and Citrix Gateway. The severity of the addressed vulnerability could allow the remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests to gain access to the affected products. Citrix ADC and Gateway code execution (CVE-2022-27518): • CVSS: 9.8

IBM has released security updates to fix third-party components vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to gain access, obtain information and cause a denial of service attack on the affected products. Sample of the addressed Vulnerabilities : 1. IBM InfoSphere Information Server Apache Commons Text code execution (CVE-2022-42889) • CVSS: 9.8