Security News
A vulnerability in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found.The existence of the flaw was confirmed by D-Link last week, and an exploit for opening an interactive shell has popped up on GitHub.
A vulnerability in XZ Utils, the XZ format compression utilities included in most Linux distributions, may "Enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely," Red Hat warns. The cause of the vulnerability is actually malicious code present in versions 5.6.0 and 5.6.1 of the xz libraries, which was accidentally found by Andres Freund, a PostgreSQL developer and software engineer at Microsoft.
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code remotely on a vulnerable...
Attackers are leveraging a vulnerability in Anyscale's Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells."We observed hundreds of compromised clusters in the past three weeks alone. Each cluster uses a public IP address, and most clusters contain hundreds to thousands of servers. There are hundreds of servers that are still vulnerable and exposed."
Ivanti has fixed a critical RCE vulnerability in Ivanti Standalone Sentry that has been reported by researchers with the NATO Cyber Security Centre. The vulnerability affects all supported version of Ivanti Standalone Sentry as well as older, unsupported ones.
Proof-of-concept exploit code for a critical RCE vulnerability in Fortra FileCatalyst MFT solution has been published.Fortra FileCatalyst is an enterprise managed file transfer software solution that includes several components: FileCatalyst Direct, Workflow, and Central.
A recently fixed SQL injection vulnerability in Fortinet's FortiClient Endpoint Management Server solution has apparently piqued the interest of many: Horizon3's Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and someone is attempting to sell a PoC for less than $300 via GitHub. "An improper neutralization of special elements used in an SQL Command vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted requests," the company's product security incident response team pithily states in the associated advisory.
Arcserve has fixed critical security vulnerabilities in its Unified Data Protection solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as well as one for triggering a third flaw that can lead to denial of service.
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which could be exploited by unauthenticated, remote attackers to grab users' valid SAML authentication token."The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user," Cisco says, but notes that "Individual hosts and services behind the VPN headend would still need additional credentials for successful access."
Apple has fixed two iOS zero-day vulnerabilities exploited by attackers in the wild. "Additional CVE entries [are] coming soon," Apple noted for both updates.