Security News

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958, the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation Security Mechanism.

VMware released security updates to address a critical-severity vulnerability impacting ESXi, Workstation, Fusion, and Cloud Foundation, and a critical-severity command injection flaw affecting vRealize Network Insight.The VMware ESXi heap out-of-bounds write vulnerability is tracked as CVE-2022-31705 and has received a CVSS v3 severity rating of 9.3.

The China-linked crime gang APT5 is already attacking a flaw in Citrix's Application Delivery Controller and Gateway products that the vendor patched today. Citrix says the flaw, CVE-2022-27518, "Could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance" if it is configured as a SAML service provider or identity provider.

Citrix strongly urges admins to apply security updates for an 'Critical' zero-day vulnerability in Citrix ADC and Gateway that is actively exploited by state-sponsored hackers to gain access to corporate networks. Citrix ADC and Citrix Gateway version 13.1 are not affected by CVE-2022-27518, so upgrading to it solves the security problem.

Citrix is strongly urging admins to apply security updates for an actively exploited 'Critical' zero-day vulnerability in Citrix ADC and Gateway that allows a remote attacker to take control of a device. Citrix is warning admins to install the latest update "As soon as possible" as the vulnerability is actively exploited in attacks.

A critical RCE vulnerability in Fortinet's operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, and 6.2.0 through 6.2.11.

This is where automation is critical to scale security and compliance. Automation enables compliance and security standardization.

Wazuh is a free and open source SIEM and XDR platform. The Wazuh central components analyze security data from endpoints in your infrastructure.

The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.

The U.S. Cybersecurity and Infrastructure Security Agency this week released an Industrial Control Systems advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. "Successful exploitation of these vulnerabilities could allow unauthorized users to gain access to the MELSEC iQ-R/F/L series CPU modules and the MELSEC iQ-R series OPC UA server module or to view and execute programs," the agency said.