Announcements

Intel has released security updates to fix several vulnerabilities in multiple products. The addressed vulnerabilities could allow the remote attacker to perform various attacks such as obtaining sensitive information, bypassing security restrictions, executing arbitrary code, causing a denial of service, or escalating the privileges on the affected products. Sample of the addressed vulnerabilities: 1- Intel Integrated BMC and OpenBMC […]

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains a fix for three actively exploited zero-day vulnerabilities. Microsoft has fixed (77) vulnerabilities, with (9) classified as critical as they could allow the attacker to perform code execution, bypass security features, elevate privileges, or cause a denial of service. February’s Patch Tuesday

Redhat has released security updates to address multiple vulnerabilities across multiple products. The addressed vulnerabilities could allow the remote attacker to perform various attacks such as denial of service attacks, execute arbitrary code, or escalate privileges on the affected system. Sample of the addressed vulnerabilities: 1. Apache MINA SSHD Code Execution (CVE-2022-45047): • CVSS: 9.8 • Attack Vector:

Atlassian has released a security update to fix a critical vulnerability in multiple versions of the Jira Service Management Server and Data Center. The mentioned vulnerability could allow the attacker to impersonate another user and gain access to the Jira Service Management instance under certain circumstances: • Write access to the User Directory is enabled. • Outgoing email

Tenable has released a security update to fix a critical vulnerability in multiple products. The mentioned vulnerability could allow the authenticated remote attacker to escalate privileges by modifying environment variables and abusing the impacted plugin on the affected system. Tenable.io, Tenable.sc, and Nessus Privilege Escalation (CVE-2023-0524): CVSS: 9.1 Attack Vector: Network Attack Complexity: Low Privileges Required: High User

QNAP has released a security update to address a critical vulnerability across QNAP QTS and QNAP QuTS hero. The severity of the addressed vulnerability could allow the remote unauthenticated attacker to inject and execute malicious code on the affected systems by sending specially crafted requests. QNAP running QTS and running QTS code execution (CVE-2022-27596): CVSS: 9.8 Attack Vector:

VMware has released security updates to fix multiple vulnerabilities in VMware vRealize Log Insight. The severity of the addressed vulnerabilities could allow the remote attacker to gain access, cause a denial of service attack, or obtain information from the affected systems. Sample of the addressed vulnerabilities: 1. VMware vRealize Log Insight Broken Access Control Vulnerability (CVE-2022-31704): • CVSS:

Tenable Nessus has released updated versions (Nessus 10.4.2, 8.15.8) to fix a privilege escalation vulnerability. The mentioned vulnerability could allow the authenticated attacker to execute a specially crafted file to obtain root or NT AUTHORITY/SYSTEM privileges on the affected Nessus host. Tenable Nessus Privilege Escalation Vulnerability (CVE-2023-0101): • CVSS: 9.1 • Attack Vector: Network • Attack Complexity: Low

Oracle released its critical patch updates for January 2023, containing (327) new security patches for multiple affected products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. This critical patch update provides security updates to fix several vulnerabilities that may be remotely exploitable without authentication in a wide range of product families,

ManageEngine has released a security update to address a critical vulnerability affecting multiple products. The severity of the addressed vulnerability could allow the remote attacker to execute arbitrary code on the system by sending a specially-crafted request. It should be highlighted that the admins of ManageEngine were warned about a proof-of-concept (POC) that has been created to exploit

Cisco has released security updates to address several vulnerabilities in multiple Cisco products. The released security updates fix several vulnerabilities affecting multiple Cisco products such as RV016, RV042, RV042G, and RV082 Routers, IP Phone 7800 and 8800 Series, Industrial Network Director (IND), and Cisco Webex Room Phone. The addressed vulnerabilities could allow the attacker to send a specially

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains a fix for an actively exploited zero-day vulnerability. Microsoft has fixed (98) vulnerabilities, with (11) classified as critical as they allow remote code execution, bypass security features, or elevation of privileges. January’s Patch Tuesday was released to fix security flaws in

SAP has released security updates to address several vulnerabilities affecting multiple products. In addition, SAP also announced (3) updates to the previously released patch day security notes. This month’s patch fixes several vulnerabilities affecting multiple SAP products such as SAP BPC MS 10.0, SAP BusinessObjects Business Intelligence platform, SAP NetWeaver Process Integration, SAP NetWeaver AS for Java, SAP NetWeaver

Linux kernel is affected by a critical issue in ksmbd before version 5.19.2. KSMBD is a Linux kernel server that implements SMB3 protocol in kernel space for sharing files over the network. The severity of the mentioned vulnerability could allow the remote attacker to execute code on the affected systems. Linux Kernel Ksmbd Use-After-Free Remote Code Execution

Referring to EG-FinCIRT report “Microsoft November 2022 Patch Tuesday” Number 257/2022, Threat actors and ransomware groups discovered a new exploit method that bypasses Microsoft Exchange “ProxyNotShell” mitigations. Threat actors leveraging a new exploit chain method called “OWASSRF” that bypasses blocking rules for “ProxyNotShell” (CVE-2022-41040 and CVE-2022-41082) vulnerabilities in Microsoft Exchange Server and taking advantage of the privilege escalation vulnerability

IBM has released security updates to fix third-party components vulnerabilities across multiple products. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, perform a Cross-Site Scripting attack, perform a Server-Side Request Forgery Attack (SSRF) attack, perform a Log Injection attack, execute arbitrary code and cause a denial of service attack on the affected products. Sample of

Tenable has released security updates to fix multiple vulnerabilities in Tenable’s third-party components (moment.js, handlebars). The severity of the addressed vulnerabilities could allow the remote attacker to gain access or cause a denial of service attack on the affected system. Samples of the addressed vulnerabilities: 1. Moment.js Directory Traversal (CVE-2022-24785): CVSS: 9.8 Attack Vector: Network Attack Complexity:

Tenable has released a security update to fix a vulnerability in Tenable.ad’s thirdparty component Erlang. The addressed vulnerability could allow the remote attacker to perform a client authentication bypass in certain client-certification situations for SSL, TLS, and DTLS via sending a specially-crafted request. The remote attacker could exploit this vulnerability to gain access to the affected system and bypass

Apple has released security updates to address multiple vulnerabilities in the updated version of macOS Big Sur 11.7.2, macOS Monterey 12.6.2, macOS Ventura 13.1, and Safari 16.2. In addition, the mentioned updates fix a zero-day vulnerability actively exploited in the wild. The severity of the addressed vulnerabilities could allow the remote attacker to gainaccess to sensitive information, bypass

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains fixes for two zero-day vulnerabilities. One has been exploited in the wild and the other has been publicly disclosed. Microsoft has fixed (49) vulnerabilities, with (6) classified as critical as they allow remote code execution, denial of service attack, or elevation