Microsoft Releases August 2023 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2023-Aug

Actualización de seguridad para Adobe Commerce y Magento Open Source

Fecha de publicación: 09/08/2023
Importancia: 5 - Crítica

Recursos Afectados
Adobe Commerce, versiones 2.4.6-p1, 2.4.5-p3, 2.4.4-p4, 2.4.3-ext-3, 2.4.2-ext-3, 2.4.1-ext-3, 2.4.0-ext-3, 2.3.7-p4-ext-3 y anteriores.
Magento Open Source, versiones 2.4.6-p1, 2.4.5-p3, 2.4.4-p3 y anteriores.

Descripción
Adobe ha publicado una actualización de seguridad para Adobe Commerce y Magento Open Source que resuelve múltiples vulnerabilidades de severidad crítica e importante. La explotación exitosa de estas vulnerabilidades podría conllevar la ejecución de código arbitrario, la omisión de características de seguridad y la lectura arbitraria del sistema de archivos.

https://www.incibe.es/empresas/avisos/actualizacion-de-seguridad-para-adobe-commerce-y-magento-open-source

Microsoft Releases August 2023 Security Updates

Release DateAugust 08, 2023

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s August 2023 Security Update Guide and apply the necessary updates.

https://www.cisa.gov/news-events/alerts/2023/08/08/microsoft-releases-august-2023-security-updates

Fortinet Releases Security Update for FortiOS

Release DateAugust 08, 2023

Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A remote attacker can exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the Fortinet security release [FG-IR-23-149] and apply the necessary updates.

https://www.cisa.gov/news-events/alerts/2023/08/08/fortinet-releases-security-update-fortios

Adobe Releases Security Updates for Multiple Products

Release DateAugust 08, 2023

Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

Adobe Acrobat and Reader: APSB23-30
Adobe Commerce: APSB23-42
Adobe Dimension: APSB23-44
Adobe XMP Toolkit SDK: APSB23-45

https://www.cisa.gov/news-events/alerts/2023/08/08/adobe-releases-security-updates-multiple-products

Actualización de seguridad de SAP de agosto de 2023

Fecha 09/08/2023
Importancia 5 - Crítica

Recursos Afectados
SAP PowerDesigner, versión 16.7.
El resto de productos afectados por vulnerabilidades no críticas se pueden consultar en el aviso del fabricante.

Descripción
SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-de-sap-de-agosto-de-2023

Múltiples vulnerabilidades en HPE Unified Correlation Analyzer

Fecha 09/08/2023
Importancia 5 - Crítica

Recursos Afectados
HPE Unified Correlation Analyzer (UCA) 4.3.x anterior a 4.3.27.

Descripción
HPE ha informado de 21 vulnerabilidades en su producto Unified Correlation Analyzer (UCA), siendo 5 de ellas críticas, 9 altas y 7 calificadas como medias o bajas.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-hpe-unified-correlation-analyzer

NIST Drafts Major Update to Its Widely Used Cybersecurity Framework

NIST has revised the framework to help benefit all sectors, not just critical infrastructure.

https://www.nist.gov/news-events/news/2023/08/nist-drafts-major-update-its-widely-used-cybersecurity-framework

MaginotDNS attacks exploit weak checks for DNS cache poisoning

A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named 'MaginotDNS,' that targets Conditional DNS (CDNS) resolvers and can compromise entire TLDs top-level domains.

https://www.bleepingcomputer.com/news/security/maginotdns-attacks-exploit-weak-checks-for-dns-cache-poisoning/

CVE-2023-24489 Detail

CNA: Citrix Systems, Inc.
Base Score: 9.8

Description
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.

https://nvd.nist.gov/vuln/detail/CVE-2023-24489

https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489

Cisco Releases Security Advisories for Multiple Products

Release DateAugust 17, 2023

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system or cause a denial-of service condition.

CISA encourages users and administrators to review the following advisories and apply the necessary updates.

ThousandEyes Enterprise Agent
Duo Device Health Application
Unified CM
ClamAV HFS+
ClamAV

https://www.cisa.gov/news-events/alerts/2023/08/17/cisco-releases-security-advisories-multiple-products

Atlassian Releases Security Update for Confluence Server and Data Center

Release DateAugust 17, 2023

Atlassian has released its security bulletin for August 2023 to address a vulnerability in Confluence Server and Data Center, CVE-2023-28709. A remote attacker can exploit this vulnerability to cause a denial-of-service condition.

CISA encourages users and administrators to review Atlassian’s August 2003 Security Bulletin and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

https://www.cisa.gov/news-events/alerts/2023/08/17/atlassian-releases-security-update-confluence-server-and-data-center

Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS

Release DateAugust 18, 2023

Juniper has released a security advisory to address vulnerabilities in Junos OS on SRX Series and EX Series. A remote cyber threat actor could exploit these vulnerabilities to cause a denial-of service condition.

https://www.cisa.gov/news-events/alerts/2023/08/18/juniper-releases-security-advisory-multiple-vulnerabilities-junos-os

WinRAR flaw lets hackers run programs when you open RAR archives

A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.

The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened.

The vulnerability was discovered by researcher "goodbyeselene" of Zero Day Initiative, who reported the flaw to the vendor, RARLAB, on June 8th, 2023.

"The specific flaw exists within the processing of recovery volumes," reads the security advisory released on ZDI's site.

https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/

https://www.zerodayinitiative.com/advisories/ZDI-23-1152/

Vulnerabilidad de inyección de comandos en IBM Security Guardium

Fecha 17/08/2023
Importancia 5 - Crítica

Recursos Afectados
IBM Security Guardium versiones: 10.6, 11.3, 11.4 y 11.5.

Descripción
IBM ha informado de una vulnerabilidad de inyección de comandos en IBM Security Guardium.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/vulnerabilidad-de-inyeccion-de-comandos-en-ibm-security-guardium

Múltiples vulnerabilidades detectadas en diferentes productos Autodesk

Fecha 17/08/2023
Importancia 4 - Alta

Recursos Afectados
Versiones anteriores a 2023, 2022 y 2021 de los siguientes productos de Autodesk que utilicen el componente PSKernel:
AutoCAD,
AutoCAD Architecture,
AutoCAD Electrical,
AutoCAD Map 3D,
AutoCAD Mechanical,
AutoCAD MEP,
AutoCAD Plant 3D,
AutoCAD LT,
Civil 3D,
Advance Steel,
Maya,
Navisworks,
Alias,
VRED.

Descripción
Han sido detectadas vulnerabilidades en varios productos de Autodesk. Estas podrían ser explotadas por un atacante, pudiendo escalar privilegios a nivel de administrador que no le corresponden para llevar a cabo acciones ilegítimas. Las vulnerabilidades son de severidad alta y del tipo escritura y lectura fuera de límites, desbordamiento de enteros y corrupción a la hora de escribir en memoria.

http://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-detectadas-en-diferentes-productos-autodesk-0

Múltiples vulnerabilidades en Moodle

Fecha 21/08/2023
Importancia 4 - Alta

Recursos Afectados
Las siguientes versiones de Moodle se ven afectadas:
desde 4.2 hasta 4.2.1;
desde 4.1 hasta 4.1.4;
desde 4.0 hasta 4.0.9;
desde 3.11 hasta 3.11.15;
desde 3.9 hasta 3.9.22;
versiones anteriores sin soporte.

Descripción
Varios investigadores han reportado 5 vulnerabilidades de severidad alta y varias bajas que se pueden consultar en la web de avisos de Moodle.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-moodle-1

Omisión de autenticación en ​Ivanti Sentry

Fecha 22/08/2023
Importancia 5 - Crítica

Recursos Afectados
Sentry Administrator Interface, versiones 9.18, 9.17, 9.16 y anteriores.

Descripción
Se ha identificado una vulnerabilidad crítica en Ivanti Sentry (anteriormente conocido como MobileIron Sentry), cuya explotación podría permitir a un atacante realizar cambios en la configuración, escribir archivos en el sistema o ejecutar comandos del sistema operativo con privilegios de root .

Solución
Se han programado unos scripts RPM, cada uno específico para una versión con soporte afectada ( 9.18 , 9.17 y 9.16 ) que deben emplearse siguiendo los pasos descritos en el apartado ' Resolution '.

Una vez aplicados los pasos, comprobar que las versiones de Sentry instaladas han pasado a ser 9.18.0a, 9.17.0a y 9.16.0a, según corresponda.

En las versiones sin soporte no pueden aplicarse los scripts RPM.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/omision-de-autenticacion-en-ivanti-sentry

CISA, NSA, and NIST Publish Factsheet on Quantum Readiness

Release Date August 21, 2023

Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and National Institute of Standards and Technology (NIST) released a joint factsheet, Quantum-Readiness: Migration to Post-Quantum Cryptography (PQC), to inform organizations—especially those that support Critical Infrastructure—of the impacts of quantum capabilities, and to encourage the early planning for migration to post-quantum cryptographic standards by developing a Quantum-Readiness Roadmap.
CISA, NSA, and NIST urge organizations to review the joint factsheet and to begin preparing now by creating quantum-readiness roadmaps, conducting inventories, applying risk assessments and analysis, and engaging vendors. For more information and resources related to CISA’s PQC work, visit Post-Quantum Cryptography Initiative.

https://www.cisa.gov/news-events/alerts/2023/08/21/cisa-nsa-and-nist-publish-factsheet-quantum-readiness

Múltiples vulnerabilidades en productos de EFS Software

Fecha 23/08/2023
Importancia 5 - Crítica

Recursos Afectados
Easy Address Book Web Server, versión 1.6.
Easy Chat Server, versiones 3.1 y anteriores.

Descripción
INCIBE ha coordinado la publicación de 7 vulnerabilidades en Easy Address Book Web Server y Easy Chat Server de EFS Software , un software de gestión empresarial, las cuales han sido descubiertas por Rafael Pedrero.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-productos-de-efs-software