Announcements

Tenable has released security updates to fix multiple vulnerabilities in Tenable.sc versions 5.22.0 to 5.23.1 and 6.0.0. The addressed vulnerabilities could allow the remote attacker to cause a denial of service, obtain information, or gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Curl libcurl Denial of Service (CVE-2022-42915): • CVSS: 9.8 • Attack […]

Atlassian has released security updates to address vulnerabilities in the “Git” utility that affects multiple products. The addressed vulnerabilities could allow the remote attacker to gain access to the affected systems. Sample of the addressed vulnerabilities: Git Integer Overflow Vulnerability (CVE-2022-41903): • CVSS: 9.8 • Attack Vector: Network • Attack Complexity: Low • Privileges Required: None •

Fortinet has released security updates to address multiple vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, bypassing security restrictions, executing arbitrary code, or escalating the privileges on the affected products. Sample of the addressed vulnerabilities: 1. FortiNAC – External Control of File Name or Path in

Cisco has released security updates to fix multiple vulnerabilities across multiple products. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform cross-site scripting attacks, bypass security restrictions, execute arbitrary code, or cause a denial of service attack on the affected products. Sample of the addressed vulnerabilities: 1- Cisco ClamAV Buffer Overflow (CVE-2023-20032): • CVSS:

Intel has released security updates to fix several vulnerabilities in multiple products. The addressed vulnerabilities could allow the remote attacker to perform various attacks such as obtaining sensitive information, bypassing security restrictions, executing arbitrary code, causing a denial of service, or escalating the privileges on the affected products. Sample of the addressed vulnerabilities: 1- Intel Integrated BMC and OpenBMC

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains a fix for three actively exploited zero-day vulnerabilities. Microsoft has fixed (77) vulnerabilities, with (9) classified as critical as they could allow the attacker to perform code execution, bypass security features, elevate privileges, or cause a denial of service. February’s Patch Tuesday

Redhat has released security updates to address multiple vulnerabilities across multiple products. The addressed vulnerabilities could allow the remote attacker to perform various attacks such as denial of service attacks, execute arbitrary code, or escalate privileges on the affected system. Sample of the addressed vulnerabilities: 1. Apache MINA SSHD Code Execution (CVE-2022-45047): • CVSS: 9.8 • Attack Vector:

Atlassian has released a security update to fix a critical vulnerability in multiple versions of the Jira Service Management Server and Data Center. The mentioned vulnerability could allow the attacker to impersonate another user and gain access to the Jira Service Management instance under certain circumstances: • Write access to the User Directory is enabled. • Outgoing email

Tenable has released a security update to fix a critical vulnerability in multiple products. The mentioned vulnerability could allow the authenticated remote attacker to escalate privileges by modifying environment variables and abusing the impacted plugin on the affected system. Tenable.io, Tenable.sc, and Nessus Privilege Escalation (CVE-2023-0524): CVSS: 9.1 Attack Vector: Network Attack Complexity: Low Privileges Required: High User

QNAP has released a security update to address a critical vulnerability across QNAP QTS and QNAP QuTS hero. The severity of the addressed vulnerability could allow the remote unauthenticated attacker to inject and execute malicious code on the affected systems by sending specially crafted requests. QNAP running QTS and running QTS code execution (CVE-2022-27596): CVSS: 9.8 Attack Vector:

VMware has released security updates to fix multiple vulnerabilities in VMware vRealize Log Insight. The severity of the addressed vulnerabilities could allow the remote attacker to gain access, cause a denial of service attack, or obtain information from the affected systems. Sample of the addressed vulnerabilities: 1. VMware vRealize Log Insight Broken Access Control Vulnerability (CVE-2022-31704): • CVSS:

Tenable Nessus has released updated versions (Nessus 10.4.2, 8.15.8) to fix a privilege escalation vulnerability. The mentioned vulnerability could allow the authenticated attacker to execute a specially crafted file to obtain root or NT AUTHORITY/SYSTEM privileges on the affected Nessus host. Tenable Nessus Privilege Escalation Vulnerability (CVE-2023-0101): • CVSS: 9.1 • Attack Vector: Network • Attack Complexity: Low

Oracle released its critical patch updates for January 2023, containing (327) new security patches for multiple affected products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. This critical patch update provides security updates to fix several vulnerabilities that may be remotely exploitable without authentication in a wide range of product families,

ManageEngine has released a security update to address a critical vulnerability affecting multiple products. The severity of the addressed vulnerability could allow the remote attacker to execute arbitrary code on the system by sending a specially-crafted request. It should be highlighted that the admins of ManageEngine were warned about a proof-of-concept (POC) that has been created to exploit

Cisco has released security updates to address several vulnerabilities in multiple Cisco products. The released security updates fix several vulnerabilities affecting multiple Cisco products such as RV016, RV042, RV042G, and RV082 Routers, IP Phone 7800 and 8800 Series, Industrial Network Director (IND), and Cisco Webex Room Phone. The addressed vulnerabilities could allow the attacker to send a specially

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains a fix for an actively exploited zero-day vulnerability. Microsoft has fixed (98) vulnerabilities, with (11) classified as critical as they allow remote code execution, bypass security features, or elevation of privileges. January’s Patch Tuesday was released to fix security flaws in

SAP has released security updates to address several vulnerabilities affecting multiple products. In addition, SAP also announced (3) updates to the previously released patch day security notes. This month’s patch fixes several vulnerabilities affecting multiple SAP products such as SAP BPC MS 10.0, SAP BusinessObjects Business Intelligence platform, SAP NetWeaver Process Integration, SAP NetWeaver AS for Java, SAP NetWeaver

Linux kernel is affected by a critical issue in ksmbd before version 5.19.2. KSMBD is a Linux kernel server that implements SMB3 protocol in kernel space for sharing files over the network. The severity of the mentioned vulnerability could allow the remote attacker to execute code on the affected systems. Linux Kernel Ksmbd Use-After-Free Remote Code Execution

Referring to EG-FinCIRT report “Microsoft November 2022 Patch Tuesday” Number 257/2022, Threat actors and ransomware groups discovered a new exploit method that bypasses Microsoft Exchange “ProxyNotShell” mitigations. Threat actors leveraging a new exploit chain method called “OWASSRF” that bypasses blocking rules for “ProxyNotShell” (CVE-2022-41040 and CVE-2022-41082) vulnerabilities in Microsoft Exchange Server and taking advantage of the privilege escalation vulnerability

IBM has released security updates to fix third-party components vulnerabilities across multiple products. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, perform a Cross-Site Scripting attack, perform a Server-Side Request Forgery Attack (SSRF) attack, perform a Log Injection attack, execute arbitrary code and cause a denial of service attack on the affected products. Sample of