Security News

Data protection vendor Arcserve has addressed a high-severity security flaw in its Unified Data Protection backup software that can let attackers bypass authentication and gain admin privileges.According to the company, Arcserve UDP is a data and ransomware protection solution designed to help customers thwart ransomware attacks, restore compromised data, and enable effective disaster recovery to ensure business continuity.

Given attack surface sprawl and evolving threats, many organizations are embracing attack surface management tools to discover and address critical exposures. Asset discovery is an important capability to have, and one that's helping to drive the adoption of attack surface management tools and services.

Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could lead to the execution of arbitrary code. "A deserialization of untrusted data vulnerability [CWE-502] in FortiNAC may allow an unauthenticated user to execute unauthorized code or commands via specifically crafted requests to the tcp/1050 service," Fortinet said in an advisory published last week.

Proof-of-concept exploit code for the high-severity vulnerability in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows has been published. Cisco Secure Client Software - previously known as Cisco AnyConnect Secure Mobility Client - is unified endpoint security software designed to assist businesses in expanding their network access capabilities and enabling remote employees to connect via both wired and wireless connections, including VPN. In early June, Cisco published a security advisory about CVE-2023-20178, a vulnerability in the client update process of both Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows.

Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees' Microsoft Teams inbox. "Organisations that use Microsoft Teams inherit Microsoft's default configuration which allows users from outside of their organisation to reach out to their staff members," Jumpsec researcher Max Corbridge explained.

"Log4j was a wakeup call for many people about how technology is structured and how it is used," he explains. Once they spot a zero-day vulnerability, attackers need to figure out how best to maximise their returns from it, safe in the knowledge that no defence lies between them and their malicious objectives.

CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks, has been spotted being exploited in the wild. CVE-2023-20887 is one of three vulnerabilities recently discovered by Sina Kheirkhah of Summoning Team and an anonymous researcher and privately reported to VMware.

VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks has come under active exploitation in the wild. The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product to perform a command injection attack, resulting in remote code execution.

Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage devices that could result in the execution of arbitrary commands on affected systems. Tracked as CVE-2023-27992, the issue has been described as a pre-authentication command injection vulnerability.

Zyxel has released firmware patches for a critical vulnerability in some of its consumer network attached storage devices. CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by an unauthenticated attacker, via a specially crafted HTTP request.