βΌ CVE-2023-3301 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-20190 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. There are workarounds that address this vulnerability. This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication .π Read
via "National Vulnerability Database".
βΌ CVE-2023-4828 βΌ
π Read
via "National Vulnerability Database".
An improper check for an exceptional condition in the Insider Threat Management (ITM) Server could be used by an attacker to change the configuration of any already-registered agent so that all future agent communications are sent to an attacker-chosen URL. An attacker must first successfully obtain valid agent credentials and target agent hostname. All versions prior to 7.14.3.69 are affected.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4802 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69 are affected.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-4803 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69 are affected.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4155 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).π Read
via "National Vulnerability Database".
βΌ CVE-2023-20233 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect processing of invalid continuity check messages (CCMs). An attacker could exploit this vulnerability by sending crafted CCMs to an affected device. A successful exploit could allow the attacker to cause the CFM service to crash when a user displays information about maintenance end points (MEPs) for peer MEPs on an affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2680 βΌ
π Read
via "National Vulnerability Database".
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3588 βΌ
π Read
via "National Vulnerability Database".
A stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42469 βΌ
π Read
via "National Vulnerability Database".
The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.secure.encrypted.activities.DialerActivity component.π Read
via "National Vulnerability Database".
π¦Ώ iOS 17 Cheat Sheet: Release Date, Supported Devices and More π¦Ώ
π Read
via "Tech Republic".
iOS 17 has been announced, and it's Appleβs best version of iOS. Learn everything you need to know about iOS 17's features, release date and how to get it.π Read
via "Tech Republic".
TechRepublic
iOS 17 Cheat Sheet: Release Date, Supported Devices and More
When is iOS 17 coming out, and what is the list of supported devices? Find out everything you need to know with our iOS 17 cheat sheet.
π΄ Kubernetes Admins Warned to Patch Clusters Against New RCE Vulns π΄
π Read
via "Dark Reading".
All Windows endpoints within a vulnerable Kubernetes cluster are open to command injection attacks, new research finds. π Read
via "Dark Reading".
Dark Reading
Kubernetes Admins Warned to Patch Clusters Against New RCE Vulns
All Windows endpoints within a vulnerable Kubernetes cluster are open to command injection attacks, new research finds.
π΄ Rail Cybersecurity Is a Complex Environment π΄
π Read
via "Dark Reading".
CISOs in the rail industry must protect an older, more complex infrastructure than most industries. Here are some of the unique, high-stakes challenges.π Read
via "Dark Reading".
Dark Reading
Rail Cybersecurity Is a Complex Environment
CISOs in the rail industry must protect an older, more complex infrastructure than most industries. Here are some of the unique, high-stakes challenges.
π΄ Claroty Unveils Vulnerability & Risk Management Capabilities to Elevate Risk Reduction for Cyber-Physical Systems π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Claroty Unveils Vulnerability & Risk Management Capabilities to Elevate Risk Reduction for Cyber-Physical Systems
NEW YORK, Sept. 13, 2023 /PRNewswire/ -- Claroty, the cyber-physical systems (CPS) protection company, today announced enhancements to its SaaS platforms' vulnerability and risk management (VRM) capabilities, further empowering security teams to evaluateβ¦
βΌ CVE-2023-40850 βΌ
π Read
via "National Vulnerability Database".
netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42468 βΌ
π Read
via "National Vulnerability Database".
The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4568 βΌ
π Read
via "National Vulnerability Database".
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41892 βΌ
π Read
via "National Vulnerability Database".
Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.π Read
via "National Vulnerability Database".
βοΈ FBI Hacker Dropped Stolen Airbus Data on 9/11 βοΈ
π Read
via "Krebs on Security".
In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI's vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying all InfraGard members and by seizing the cybercrime forum where the data was being sold. But on Sept. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus, while promising to visit the same treatment on top U.S. defense contractors.π Read
via "Krebs on Security".
Krebs on Security
FBI Hacker Dropped Stolen Airbus Data on 9/11
In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI's vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifyingβ¦
π1
βΌ CVE-2023-4945 βΌ
π Read
via "National Vulnerability Database".
The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.π Read
via "National Vulnerability Database".