Security News

Malicious actors are actively attempting to exploit a recently patched critical vulnerability in Control Web Panel that enables elevated privileges and unauthenticated remote code execution on susceptible servers. Control Web Panel, formerly known as CentOS Web Panel, is a popular server administration tool for enterprise-based Linux systems.

Auth0 fixed a remote code execution vulnerability in the immensely popular 'JsonWebToken' open-source library used by over 22,000 projects and downloaded over 36 million times per month on NPM. The library is used in open source projects created by Microsoft, Twilio, Salesforce, Intuit, Box, IBM, Docusign, Slack, SAP, and many more. The JsonWebToken project is an open-source library used to create, sign, and verify JSON Web tokens.

Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems.Tracked as CVE-2022-43931, the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug in the remote desktop functionality in Synology VPN Plus Server.

State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP!An unauthenticated remote code execution flaw is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller deployments, the US National Security Agency has warned. Microsoft fixes exploited zero-day, revokes certificate used to sign malicious driversIt's December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw exploited by attackers to deliver a variety of malware.

Another month, another Microsoft Patch Tuesday, another 48 patches, another two zero-days. An astonishing tale about a bunch of rogue actors who tricked Microsoft itself into giving their malicious code an official digital seal of approval.

An unauthenticated remote code execution flaw is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller deployments, the US National Security Agency has warned. "Targeting Citrix ADCs can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls."

A critical RCE vulnerability in Fortinet's operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, and 6.2.0 through 6.2.11.

Fortinet on Monday issued emergency patches for a severe security flaw affecting its FortiOS SSL-VPN product that it said is being actively exploited in the wild. Tracked as CVE-2022-42475, the critical bug relates to a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to execute arbitrary code via specially crafted requests.

Fortinet urges customers to patch their appliances against an actively exploited FortiOS SSL-VPN vulnerability that could allow unauthenticated remote code execution on devices."A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests," warns Fortinet in a security advisory released today.

A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems. "The vulnerability is found in the Dev UI Config Editor, which is vulnerable to drive-by localhost attacks that could lead to remote-code execution," Contrast Security researcher Joseph Beeton, who reported the bug, said in a write-up.