Grafana Critical Authentication Bypass Vulnerability (CVE-2023-3128)
Grafana has released security updates to address an authentication bypass vulnerability that enables account takeover. CVE-2023-3128 has been rated Critical with a CVSSv3.1 base score of 9.4. Successful exploitation would give an attacker complete control of a victim's account, including access to private customer data and other sensitive information. Grafana is a multi-platform …
VMware Tools Zero-day Authentication Bypass Vulnerability Exploited by Chinese Hackers (CVE-2023-20867)
VMware has addressed an authentication bypass vulnerability in VMware Tools. CVE-2023-20867 may allow an attacker to execute privileged commands in Windows, Linux, and PhotonOS (vCenter) guest VMs without guest authentication. Exploitation requires an attacker who already controls the ESXi host, which can then force VMware Tools to fail to authenticate host-to-guest operations. Mandiant discovered the vulnerability and attributes its exploitation to the cyber espionage group it tracks as UNC3886. VMware Tools is a set of services …
Apple Patches Actively Exploited Zero-day Vulnerabilities in iOS and iPadOS (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439)
Apple has released multiple security advisories to address vulnerabilities in macOS, Safari, iOS, and iPadOS. Apple states in the advisories that it is aware of a report that these vulnerabilities may have been actively exploited. CVE-2023-32434 is an integer overflow in the kernel, while CVE-2023-32435 and CVE-2023-32439 are memory-corruption bugs in WebKit. CVE-2023-32434 and CVE-2023-32435 were discovered by Georgy Kucherin, Leonid Bezvershenko, and Boris Larin of Kaspersky, while CVE-2023-32439 was reported to …
Microsoft Released Out-of-Band Security Updates (CVE-2023-32027, CVE-2023-32025, CVE-2023-32026, CVE-2023-29356, CVE-2023-32028, and CVE-2023-29349)
Microsoft has released out-of-band updates to address six security vulnerabilities in the Microsoft OLE DB (Object Linking and Embedding Database) Driver for SQL Server and the Microsoft Open Database Connectivity (ODBC) Driver for SQL Server.
CVE-2023-32028: Microsoft OLE DB Remote Code Execution Vulnerability
The OLE DB Driver for SQL Server is a data access application programming interface (API) that delivers the SQL OLE …
MOVEit Transfer Privilege Escalation and Potential Unauthorized Access Vulnerability (CVE-2023-35708)
Progress has disclosed a SQL injection vulnerability in the MOVEit Transfer web application (CVE-2023-35708) that can lead to privilege escalation. On successful exploitation, an attacker may gain escalated privileges and unauthorized access to the MOVEit Transfer database. At the time of disclosure there was no evidence that the vulnerability was being exploited in the wild. MOVEit Transfer is a managed file transfer (MFT) …
Fortinet FortiOS Critical Heap-Based Buffer Overflow Vulnerability (CVE-2023-27997)
Fortinet has addressed a heap-based buffer overflow vulnerability in the SSL-VPN component of its network operating system, FortiOS. CVE-2023-27997 has been rated Critical with a CVSS score of 9.2. Charles Fol and Dany Bach of LEXFO discovered and reported the vulnerability to Fortinet. The flaw is reachable before authentication, so successful exploitation may allow a remote, unauthenticated attacker to execute arbitrary code …
VMware Patched Multiple Critical Vulnerabilities in Aria Operations for Networks (CVE-2023-20887, CVE-2023-20888, and CVE-2023-20889)
VMware has released a security advisory to address multiple vulnerabilities affecting Aria Operations for Networks (formerly vRealize Network Insight). CVE-2023-20887 and CVE-2023-20888 are rated Critical with CVSS scores of 9.8 and 9.1, and CVE-2023-20889 is rated Important with a CVSS score of 8.8. Successful exploitation of these vulnerabilities may allow an attacker to perform command injection and/or …
Microsoft Patch Tuesday, June 2023 Security Update Review
Microsoft has released June's edition of Patch Tuesday. This installment of security updates addresses 94 security vulnerabilities across various products, features, and roles. None of the vulnerabilities fixed this month was known to be exploited in the wild at the time of release. Six of these 94 vulnerabilities are rated …
Critical SQL Injection Vulnerability in MOVEit Managed File Transfer Web Application (CVE-2023-35036)
Multiple versions of the MOVEit Transfer web application are affected by a SQL injection vulnerability (CVE-2023-35036). Successful exploitation may allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. Progress credits cybersecurity firm Huntress with discovering the vulnerability. MOVEit Transfer is a managed file transfer (MFT) solution available in an on-premises …
Cisco AnyConnect Secure Mobility Client Software and Cisco Secure Client Software for Windows Privilege Escalation Vulnerability (CVE-2023-20178)
Cisco has released patches to address a high-severity vulnerability, CVE-2023-20178, in the client update process of Cisco AnyConnect Secure Mobility Client Software and Cisco Secure Client Software for Windows. Filip Dragovic reported the vulnerability. On successful exploitation, a low-privileged, authenticated, local attacker may escalate privileges to SYSTEM. No evidence is available to show public exploitation of …