Security News
Cisco has published patches for critical vulns affecting the web management interface for some of its Small Business Dual WAN Gigabit routers - including a 9.8-rated nasty. The two vulnerabilities affect the RV340, RV345, RV340W, and RV345P products, which are aimed at SMEs and home office setups.
A vulnerability in the GitHub Actions workflow for PyPI's source repository could be exploited to perform a malicious pull request and eventually execute arbitrary code on pypi.org, according to a warning from a Japanese security researcher. The workflow did not verify the pull request author, anyone could create a pull request with a specific name and have the workflow to process it.
Atlassian has dropped a patch for a critical vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products, which can lead to arbitrary code execution. Atlassian is a platform that's used by 180,000 customers to engineer software and manage projects, and Jira is its proprietary bug-tracking and agile project-management tool.
A vulnerability in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, Fortinet has warned. Fortinet has provided security updates to fix the flaw, as well as workarounds if updating is impossible.
Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited. A critical remote code-execution vulnerability in Juniper Networks' Steel-Belted Radius Carrier Edition lays open wireless carrier and fixed operator networks to tampering.
The 'ModiPwn' bug lays open production lines, sensors, conveyor belts, elevators, HVACs and more that use Schneider Electric PLCs. A critical remote code-execution vulnerability in Schneider Electric programmable logic controllers has come to light, which allows unauthenticated cyberattackers to gain root-level control over PLCs used in manufacturing, building automation, healthcare and enterprise environments. If exploited, attackers could impact production lines, sensors and conveyor belts in factory settings, according to the researchers at Armis who discovered the bug - as well as affect devices familiar to the everyday consumer, such as elevators, HVACs and other automated devices.
Researchers at Armis discovered an authentication bypass vulnerability in Schneider Electric's Modicon programmable logic controllers that can lead to remote-code-execution. Modicon M580. The vulnerability, dubbed ModiPwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 and other models from the Modicon series.
Cybersecurity agencies in Australia and the U.S. are warning of an actively exploited vulnerability impacting ForgeRock's OpenAM access management solution that could be leveraged to execute arbitrary code on an affected system remotely. "The has observed actors exploiting this vulnerability to compromise multiple hosts and deploy additional malware and tools," the organization said in an alert.
Attackers are actively exploiting a critical, pre-authorization remote-code execution vulnerability in the popular Access Management platform from digital identity management firm ForgeRock. On Monday morning, the Cybersecurity and Infrastructure Security Agency warned that the vulnerability could enable attackers to execute commands in the context of the current user.
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to run arbitrary code on infected systems. "Several days ago, two security vulnerabilities were found in Microsoft Windows' existing printing mechanism," Yaniv Balmas, head of cyber research at Check Point, told The Hacker News.