SysAdmin 24x7
@sysadmin24x7
4.34K subscribers
41 photos
2 videos
8 files
6.02K links
Noticias y alertas de seguridad informática.
Chat y contacto:
t.me/sysadmin24x7chat
Download Telegram
About
Blog
Apps
Platform
Join
SysAdmin 24x7
4.34K subscribers
SysAdmin 24x7
WordPress plugin lets users become admins – Patch early, patch often!

If you run a WordPress site with the Ultimate Members plugin installed, make sure you’ve updated it to the latest version.

https://nakedsecurity.sophos.com/2023/07/03/wordpress-plugin-lets-users-become-admins-patch-early-patch-often/
Naked Security
WordPress plugin lets users become admins – Patch early, patch often!
Ultimate Member plugin lets rogue users choose their own site capabilities, including becoming admins.
651 views
SysAdmin 24x7
Ghostscript bug could allow rogue documents to run system commands.

https://nakedsecurity.sophos.com/2023/07/04/ghostscript-bug-could-allow-rogue-documents-to-run-system-commands/
Sophos News
Naked Security – Sophos News
679 views
SysAdmin 24x7
Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities

Mozilla has released Firefox 115 to the stable channel with patches for two high-severity use-after-free vulnerabilities.

Mozilla on Tuesday announced the release of Firefox 115 to the stable channel with patches for a dozen vulnerabilities, including two high-severity use-after-free bugs.

Tracked as CVE-2023-37201, the first of the high-severity issues is described as a use-after-free flaw in WebRTC certificate generation.

https://www.securityweek.com/firefox-115-patches-high-severity-use-after-free-vulnerabilities/

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22/
SecurityWeek
Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities
Mozilla has released Firefox 115 to the stable channel with patches for two high-severity use-after-free vulnerabilities.
677 views
SysAdmin 24x7
Cisco Switch Flaw Let Attack Reads Encrypted Traffic

https://gbhackers.com/cisco-switch-flaw-encryption/

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Cisco Switch Flaw Let Attack Reads Encrypted Traffic
A Flaw with Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series switches let attackers read the encrypted traffic.
663 views
SysAdmin 24x7
VMSA-2023-0015

CVSSv3 Range:5.3
Issue Date:2023-07-06
CVE(s):CVE-2023-20899

Synopsis:
VMware SD-WAN update addresses a bypass authentication vulnerability (CVE-2023-20899)

Impacted Products
VMware SD-WAN (Edge)

Introduction
An Authentication Bypass Vulnerability affecting VMware SD-WAN was privately reported to VMware. Updates are available to address this vulnerability in affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2023-0015.html
VMware
VMSA-2023-0015
VMware SD-WAN update addresses a bypass authentication vulnerability (CVE-2023-20899)
838 views
SysAdmin 24x7
VMSA-2023-0007.1

CVSSv3 Range:7.2-9.8
Issue Date:2023-04-20
Updated On:2023-07-10

CVE(s):
CVE-2023-20864, CVE-2023-20865

Synopsis:
VMware Aria Operations for Logs (Operations for Logs) update addresses multiple vulnerabilities. (CVE-2023-20864, CVE-2023-20865)

Impacted Products
VMware Aria Operations for Logs (formerly vRealize Log Insight)

Introduction
Multiple vulnerabilities in VMware Aria Operations for Logs were privately reported to VMware. Updates and workarounds are available to address these vulnerabilities in affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2023-0007.html
673 views
SysAdmin 24x7
0day de tipo ejecución de código arbitrario en WebKit de Apple

Fecha 11/07/2023
Importancia 5 - Crítica

Recursos Afectados
Versiones anteriores a:
iOS 16.5.1 y iPadOS 16.5.1;
macOS Ventura 13.4.1;
Safari 16.5.2.

Descripción
Un investigador anónimo ha informado a Apple de una vulnerabilidad, de tipo 0day, que podría permitir a un atacante ejecutar código arbitrario.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/0day-de-tipo-ejecucion-de-codigo-arbitrario-en-webkit-de-apple
www.incibe.es
0day De Tipo Ejecucion De Codigo Arbitrario En Webkit De Apple | INCIBE-CERT | INCIBE
Un investigador anónimo ha informado a Apple de una vulnerabilidad, de tipo 0day, que podría permitir
690 views
SysAdmin 24x7
Microsoft Updates
July 2023 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2023-Jul
625 views
SysAdmin 24x7
Adobe Releases Security Updates for ColdFusion and InDesign
Release DateJuly 11, 2023

Adobe has released security updates to address vulnerabilities affecting ColdFusion and InDesign. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the Adobe security releases APSB23-38 and APSB23-40 and apply the necessary updates.

https://www.cisa.gov/news-events/alerts/2023/07/11/adobe-releases-security-updates-coldfusion-and-indesign
579 views
SysAdmin 24x7
Fortinet Releases Security Update for FortiOS and FortiProxy
Release DateJuly 11, 2023

Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308) affecting FortiOS and FortiProxy. A remote attacker can exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the Fortinet security release FG-IR-23-183 and apply the necessary updates.

https://www.cisa.gov/news-events/alerts/2023/07/11/fortinet-releases-security-update-fortios-and-fortiproxy
597 views
SysAdmin 24x7
Actualización de seguridad de SAP de julio de 2023

Fecha de publicación12/07/2023
Importancia5 - Crítica

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-de-sap-de-julio-de-2023
www.incibe.es
Actualizacion De Seguridad De Sap De Julio De 2023 | INCIBE-CERT | INCIBE
SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual.
558 views
SysAdmin 24x7
Microsoft July 2023 Patch Tuesday warns of 6 zero-days, 132 flaws

Today is Microsoft's July 2023 Patch Tuesday, with security updates for 132 flaws, including six actively exploited and thirty-seven remote code execution vulnerabilities.

While thirty-seven RCE bugs were fixed, Microsoft only rated nine as 'Critical.' However, one of the RCE flaws remains unpatched and is actively exploited in attacks seen by numerous cybersecurity firms.

The number of bugs in each vulnerability category is listed below:

https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2023-patch-tuesday-warns-of-6-zero-days-132-flaws/
BleepingComputer
Microsoft July 2023 Patch Tuesday warns of 6 zero-days, 132 flaws
Today is Microsoft's July 2023 Patch Tuesday, with security updates for 132 flaws, including six actively exploited and thirty-seven remote code execution vulnerabilities.
555 views
SysAdmin 24x7
Microsoft Warns of Office Zero-Day Attacks, No Patch Available

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

https://www.securityweek.com/microsoft-warns-of-office-zero-day-attacks-no-patch-available/
SecurityWeek
Microsoft Warns of Office Zero-Day Attacks, No Patch Available
Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.
579 views
SysAdmin 24x7
Citrix Secure Access client for Ubuntu Security Bulletin for CVE-2023-24492

Description of Problem
Vulnerabilities have been discovered in Citrix Secure Access client for Ubuntu (previously Citrix Gateway VPN client for Ubuntu).

The following supported versions are affected by the vulnerability:

Versions before 23.5.2

https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492
515 views
SysAdmin 24x7
VU#913565: Hard-coded credentials in Technicolor TG670 DSL gateway router

https://kb.cert.org/vuls/id/913565
www.kb.cert.org
CERT/CC Vulnerability Note VU#913565
Hard-coded credentials in Technicolor TG670 DSL gateway router
513 views
SysAdmin 24x7
Microsoft patches four zero-days, finally takes action against crimeware kernel drivers

https://nakedsecurity.sophos.com/2023/07/12/microsoft-patches-four-zero-days-finally-takes-action-against-crimeware-kernel-drivers/
Sophos News
Naked Security – Sophos News
500 views
SysAdmin 24x7
Acceso no autenticado a REST API en Cisco SD-WAN vManage

Fecha 13/07/2023
Importancia 5 - Crítica

Recursos Afectados
Cisco SD-WAN vManage, versiones:
20.6.3.3;
20.6.4;
20.6.5;
20.7;
20.8;
20.9;
20.10;
20.11.

Descripción
Se ha identificado una vulnerabilidad de severidad crítica que afecta al producto SD-WAN vManage de Cisco, cuya explotación podría permitir a un atacante, remoto y no autenticado, obtener permisos de lectura o permisos de escritura limitados en la configuración de una instancia de Cisco SD-WAN vManage afectada.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/acceso-no-autenticado-rest-api-en-cisco-sd-wan-vmanage
www.incibe.es
Acceso No Autenticado Rest Api En Cisco Sd Wan Vmanage | INCIBE-CERT | INCIBE
Se ha identificado una vulnerabilidad de severidad crítica que afecta al producto SD-WAN vManage de Ci
455 views
SysAdmin 24x7
Limitación incorrecta de una ruta a un directorio restringido en ConacWin de Setelsa Security

Fecha 13/07/2023
Importancia 4 - Alta

Recursos Afectados
ConacWin, versiones 3.8.2.2 y anteriores.

Descripción
INCIBE ha coordinado la publicación de una vulnerabilidad que afecta a ConacWin, de Setelsa Security, una plataforma de control de acceso, la cual ha sido descubierta por Black_Giraffe.

A esta vulnerabilidad se le ha asignado el siguiente código: CVE-2023-3512 :
Puntuación base CVSS v3.1: 7.5.
Cálculo del CVSS: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
Tipo de vulnerabilidad: CWE-23: Relative Path Traversal.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/limitacion-incorrecta-de-una-ruta-un-directorio-restringido-en-conacwin-de
www.incibe.es
Limitacion Incorrecta De Una Ruta Un Directorio Restringido En Conacwin De | INCIBE-CERT | INCIBE
INCIBE ha coordinado la publicación de una vulnerabilidad que afecta a ConacWin, de Setelsa Security,
428 views
SysAdmin 24x7
Múltiples vulnerabilidades en SonicWall GMS/Analytics

Fecha 13/07/2023
Importancia 5 - Crítica

Recursos Afectados
Global System Management (GMS), versiones:
Virtual Appliance 9.3.2-SP1 y anteriores;
Windows 9.3.2-SP1 y anteriores.
Analytics, versiones 2.5.0.4-R7 y anteriores.

Descripción
SonicWall, en colaboración con NCCGroup, ha publicado 15 vulnerabilidades que afectan a su producto GMS/Analytics, 4 de ellas de severidad crítica, 4 altas y 7 medias, que podrían permitir a un atacante eludir la autenticación y exponer de información sensible a un actor no autorizado.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-sonicwall-gmsanalytics
www.incibe.es
Multiples Vulnerabilidades En Sonicwall Gmsanalytics | INCIBE-CERT | INCIBE
SonicWall, en colaboración con NCCGroup, ha publicado 15 vulnerabilidades que afectan a su producto GM
451 views
SysAdmin 24x7
Autorización incorrecta en Apache Pulsar

Fecha 13/07/2023
Importancia 5 - Crítica

Recursos Afectados
Apache Pulsar, versiones:
anteriores a 2.10.4;
2.11.0.

Descripción
Michael Marshall, investigador de DataStax, ha reportado una vulnerabilidad crítica que afecta a Apache Pulsar, cuya explotación podría permitir una escalada de privilegios.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/autorizacion-incorrecta-en-apache-pulsar
www.incibe.es
Autorizacion Incorrecta En Apache Pulsar | INCIBE-CERT | INCIBE
Michael Marshall, investigador de DataStax, ha reportado una vulnerabilidad crítica que afecta a Apach
498 views
SysAdmin 24x7
Múltiples vulnerabilidades en productos Netgear

Fecha 13/07/2023
Importancia 5 - Crítica

Recursos Afectados
ProSAFE Network Management System (NMS300), versiones de software anteriores a 1.7.0.20.

Descripción
Netgear ha publicado múltiples avisos de seguridad, que afectan al producto NMS300.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-productos-netgear
www.incibe.es
Multiples Vulnerabilidades En Productos Netgear | INCIBE-CERT | INCIBE
Netgear ha publicado múltiples avisos de seguridad, que afectan al producto NMS300.
576 views