Citrix Releases Security Updates for Multiple Products
Release DateOctober 10, 2023
Citrix has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities take control of an affected system.

https://www.cisa.gov/news-events/alerts/2023/10/10/citrix-releases-security-updates-multiple-products

Microsoft Releases October 2023 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2023-oct

Fortinet Releases Security Updates for Multiple Products
Release DateOctober 11, 2023

https://www.cisa.gov/news-events/alerts/2023/10/11/fortinet-releases-security-updates-multiple-products

Actualización de seguridad 6.3.2 para WordPress

Fecha 13/10/2023
Importancia 3 - Media

Recursos Afectados
WordPress, versiones anteriores a 6.3.2.

Descripción
Se ha publicado la última versión de WordPress que contiene 41 correcciones de errores y 8 de seguridad.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-632-para-wordpress

Apple fixes iOS Kernel zero-day vulnerability on older iPhones

Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks.

"Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6," the company said in an advisory.

The first zero-day (tracked as CVE-2023-42824) is a privilege escalation vulnerability caused by a weakness in the XNU kernel that can let local attackers elevate privileges on vulnerable iPhones and iPads.

https://www.bleepingcomputer.com/news/security/apple-fixes-ios-kernel-zero-day-vulnerability-on-older-iphones/

DarkGate Opens Organizations for Attack via Skype, Teams

https://www.trendmicro.com/en_ph/research/23/j/darkgate-opens-organizations-for-attack-via-skype-teams.html

Cisco IOS XE Software Web UI Privilege Escalation Vulnerability

Advisory ID:
cisco-sa-iosxe-webui-privesc-j22SaA4z
First Published: 2023 October 16 15:00 GMT
Version 1.1: Interim
Workarounds: No workarounds available
Cisco Bug IDs:
CSCwh87343 CVE-2023-20198

CVSS Score: Base 10.0

Vulnerable Products
This vulnerability affects Cisco IOS XE Software if the web UI feature is enabled. The web UI feature is enabled through the ip http server or ip http secure-server commands.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z

SONICOS AFFECTED BY MULTIPLE VULNERABILITIES


Advisory ID SNWLID-2023-0012

First Published 2023-10-17
Workaround true
Status Applicable
CVE CVE-2023-39276, CVE-2023-39277, CVE-2023-39278, CVE-2023-39279, CVE-2023-39280, CVE-2023-41711, CVE-2023-41712, CVE-2023-41713, CVE-2023-41715
CWE CWE-121, CWE-259, CWE-269

CVSS v3 7.7

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012

HTTP/2 Rapid Reset: cómo desarmamos el ataque sin precedentes

https://blog.cloudflare.com/es-es/technical-breakdown-http2-rapid-reset-ddos-attack-es-es/

Actualizaciones críticas en Oracle (octubre 2023)

Fecha 18/10/2023
Importancia 5 - Crítica

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizaciones-criticas-en-oracle-octubre-2023

Múltiples vulnerabilidades en Liferay

Fecha 18/10/2023
Importancia 5 - Crítica

Recursos Afectados
Liferay DXP 7.3 fix pack 1, hasta la actualización 23;
Liferay DXP 7.4, antes de la actualización 89;
Liferay Portal, desde 7.3.6 hasta 7.4.3.89.

Descripción
Liferay ha publicado 5 vulnerabilidades críticas que afectan a distintas versiones de sus productos DXP y Portal.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-liferay

Múltiples vulnerabilidades en Moodle

Fecha 18/10/2023
Importancia 4 - Alta

Recursos Afectados
Las siguientes versiones de Moodle se ven afectadas:

desde 4.2 hasta 4.2.2,
desde 4.1 hasta 4.1.5,
desde 4.0 hasta 4.0.10,
desde 3.11 hasta 3.11.16,
desde 3.9 hasta 3.9.23
versiones anteriores sin soporte.

Descripción
Varios investigadores han reportado 4 vulnerabilidades de severidad alta y varias bajas que se pueden consultar en la web de avisos de Moodle.

Solución
Actualizar a las versiones 4.2.3, 4.1.6, 4.0.11, 3.11.17 y 3.9.24.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-moodle-2

GNU Mailutils: unexpected processsing of escape sequences — GLSA 202310-13

https://security.gentoo.org/glsa/202310-13

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Description of Problem
Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).

https://support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967

Oracle Releases October 2023

Critical Patch Update Advisory
Release DateOctober 19, 2023

Oracle has released its Critical Patch Update Advisory for October 2023 to address 387 vulnerabilities across multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

https://www.cisa.gov/news-events/alerts/2023/10/19/oracle-releases-october-2023-critical-patch-update-advisory

VMSA-2023-0021

CVSSv3 Range: 8.1
Issue Date: 2023-10-19
CVE(s): CVE-2023-34051, CVE-2023-34052

Synopsis:
VMware Aria Operations for Logs updates address multiple vulnerabilities. (CVE-2023-34051, CVE-2023-34052)

Impacted Products
Aria Operations for Logs

Introduction
Multiple vulnerabilities in VMware Aria Operations for Logs were privately reported to VMware. Updates are available to remediate this vulnerability in affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2023-0021.html

VMSA-2023-0022

CVSSv3 Range: 6.6-7.1
Issue Date: 2023-10-19
CVE(s): CVE-2023-34044, CVE-2023-34045, CVE-2023-34046

Synopsis:
VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities (CVE-2023-34044, CVE-2023-34045, CVE-2023-34046)

Impacted Products
VMware Workstation Pro / Player (Workstation)
VMware Fusion

Introduction
Multiple security vulnerabilities in VMware Workstation and Fusion were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in the affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2023-0022.html

Critical RCE flaws found in SolarWinds access audit solution

Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges.

https://www.bleepingcomputer.com/news/security/critical-rce-flaws-found-in-solarwinds-access-audit-solution/

THREAT ACTORS BREACHED OKTA SUPPORT SYSTEM AND STOLE CUSTOMERS’ DATA

Okta revealed that threat actors breached its support case management system and stole sensitive data that can be used in future attacks.
Okta says that threat actors broke into its support case management system and stole authentication data, including cookies and session tokens, that can be abused in future attacks to impersonate valide users.

Okta asks customers to upload an HTTP Archive (HAR) file in order to support them in solving their problems and replicating browser activity. HAR files can also contain sensitive data, including authentication information.

https://securityaffairs.com/152803/data-breach/okta-support-system-breached.html

👆🏼Updated On: 2023-10-23

https://www.vmware.com/security/advisories/VMSA-2023-0021.html