Security News
Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. Outside of these weaknesses, the latest version of Superset also remediates a separate improper REST API permission issue that allows for low-privilege users to carry out server-side request forgery attacks.
Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not installed.The flaws, which all have a CVSS v3.1 score of 9.8 out of 10.0, are format string vulnerabilities that can be exploited remotely and without authentication, potentially allowing remote code execution, service interruptions, and performing arbitrary operations on the device.
A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.user, can capture user input and screen content, and can also remotely control victim devices through various techniques, enabling its operators to carry out bank fraud on the victim's device," Trend Micro said.
VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could be potentially exploited to bypass authentication and gain remote code execution."A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI," the company said in an advisory.
A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats. CVE-2023-40477 is a remote code execution vulnerability that could allow remote threat actors to execute arbitrary code on an affected WinRAR installation.
Networking hardware company Juniper Networks has released an "Out-of-cycle" security update to address multiple flaws in the J-Web component of Junos OS that could be combined to achieve remote code execution on susceptible installations. They affect all versions of Junos OS on SRX and EX Series.
Two stack-based buffer overflow bugs have been discovered in Ivanti Avalanche, an enterprise mobility management solution. Ivanti released Avalanche version 6.4.1 security update on August 3, 2023, which also fixes additional RCE and authentication bypass vulnerabilities.
Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The issues have been addressed in ScrutisWeb version 2.1.38.
A new remote access trojan called QwixxRAT is being advertised for sale by its threat actor through Telegram and Discord platforms. "Once installed on the victim's Windows platform machines, the RAT stealthily collects sensitive data, which is then sent to the attacker's Telegram bot, providing them with unauthorized access to the victim's sensitive information," Uptycs said in a new report published today.
A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology environments. "Exploitation of the discovered vulnerabilities, which affect all versions of CODESYS V3 prior to version 3.5.19.0, could put operational technology infrastructure at risk of attacks, such as remote code execution and denial-of-service," Vladimir Tokarev of the Microsoft Threat Intelligence Community said in a report.