Security News

A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. Cataloged as CVE-2023-30799, the shortcoming is expected to put approximately 500,000 and 900,000 RouterOS systems at risk of exploitation via their web and/or Winbox interfaces, respectively, VulnCheck disclosed in a Tuesday report.

Ivanti is warning users to update their Endpoint Manager Mobile mobile device management software to the latest version that fixes an actively exploited zero-day vulnerability. Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access vulnerability that impacts currently supported version 11.4 releases 11.10, 11.9, and 11.8 as well as older releases.

Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions."This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.

Adobe has released a fresh round of updates to address an incomplete fix for a recently disclosed ColdFusion flaw that has come under active exploitation in the wild. The critical shortcoming, tracked as CVE-2023-38205, has been described as an instance of improper access control that could result in a security bypass.

Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller and Gateway that it said is being actively exploited in the wild.The company did not give further details on the flaw tied to CVE-2023-3519 other than to say that exploits for the flaw have been observed on "Unmitigated appliances." However, successful exploitation requires the device to be configured as a Gateway or authorization and accounting virtual server.

A critical cross site scripting vulnerability in popular open source email collaboration suite Zimbra is being exploited by attackers. Clément Lecigne of Google Threat Analysis Group discovered and reported this vulnerability.

Cybersecurity researchers and threat actors are targeted by a fake proof of concept CVE-2023-35829 exploit that installs a Linux password-stealing malware. The fake PoC claims to be an exploit for CVE-2023-35829, a high-severity use-after-free flaw impacting the Linux kernel before 6.3.2.

"In this instance, the PoC is a wolf in sheep's clothing, harboring malicious intent under the guise of a harmless learning tool," Uptycs researchers Nischay Hegde and Siddartha Malladi said. The repository masquerades as a PoC for CVE-2023-35829, a recently disclosed high-severity flaw in the Linux kernel.

As vulnerabilities continue to rise and security evolves, it is becoming increasingly apparent that conventional vulnerability management programs are inadequate for managing the expanding attack surface. As a result, many security teams are scrambling to adopt modern vulnerability management programs that are capable of identifying and thwarting contemporary vulnerability-based threats.

Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot, the flaw impacts Linux versions 6.1 through 6.4.