SysAdmin 24x7
@sysadmin24x7
4.34K subscribers
41 photos
2 videos
8 files
6.02K links
Noticias y alertas de seguridad informática.
Chat y contacto:
t.me/sysadmin24x7chat
Download Telegram
About
Blog
Apps
Platform
Join
SysAdmin 24x7
4.34K subscribers
SysAdmin 24x7
Múltiples vulnerabilidades en BIND 9

Fecha 14/02/2024
Importancia 4 - Alta

Recursos Afectados
Versiones de BIND:
desde 9.0.0 hasta 9.16.46;
desde 9.16.0 hasta 9.16.45;
desde 9.12.0 hasta 9.16.45;
desde 9.18.0 hasta 9.18.22;
desde 9.19.0 hasta 9.19.20.
Versiones de BIND Supported Preview Edition:
desde 9.9.3-S1 hasta 9.16.46-S1;
desde 9.16.8-S1 hasta 9.16.45-S1;
desde 9.18.11-S1 hasta 9.18.22-S1.

Descripción
ICS BIND ha notificado 6 vulnerabilidades de severidad alta que afectan a BIND 9. Un atacante podría explotar estas vulnerabilidades para provocar una denegación de servicio.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-bind-9-0
www.incibe.es
Múltiples vulnerabilidades en BIND 9
ICS BIND ha notificado 6 vulnerabilidades de severidad alta que afectan a BIND 9.
988 views
SysAdmin 24x7
Múltiples vulnerabilidades en productos Adobe, ¡actualiza!

Fecha 14/02/2024
Importancia 5 - Crítica

Recursos Afectados
Adobe Commerce, versiones 2.4.6-p3, 2.4.5-p5, 2.4.4-p6, 2.4.3-ext-5, 2.4.2-ext-5, 2.4.1-ext-5, 2.4.0-ext-5, 2.3.7-p4-ext-5 y anteriores.
Magento Open Source, versiones 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 y anteriores.
Acrobat DC y Acrobat Reader DC, versiones 23.008.20470 y anteriores.
Acrobat 2020 y Acrobat Reader 2020, versiones 20.005.30539 y anteriores.

Descripción
Adobe ha publicado actualizaciones de seguridad para Adobe Commerce y Magento Open Source, junto con Adobe Acrobat y Reader, para Windows y macOS, que corrigen vulnerabilidades críticas, importantes y moderadas.
Estas vulnerabilidades, de ser explotadas exitosamente, podrían provocar la ejecución de código arbitrario, la omisión de características de seguridad, la denegación de servicio de aplicaciones y la fuga de memoria.

https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-en-productos-adobe-actualiza
www.incibe.es
Múltiples vulnerabilidades en productos Adobe, ¡actualiza!
Adobe ha publicado actualizaciones de seguridad para Adobe Commerce y Magento Open Source, junto con A
1.21K views
SysAdmin 24x7
ESET Patches High-Severity Privilege Escalation Vulnerability

ESET has released patches for a high-severity elevation of privilege vulnerability in its Windows security products.

https://www.securityweek.com/eset-patches-high-severity-privilege-escalation-vulnerability/
SecurityWeek
ESET Patches High-Severity Privilege Escalation Vulnerability
ESET has released patches for a high-severity elevation of privilege vulnerability in its Windows security products.
1.37K views
SysAdmin 24x7
VMSA-2024-0004

CVSSv3 Range: 6.7
Issue Date: 2024-02-20
CVE(s): CVE-2024-22235

Synopsis:
VMware Aria Operations updates address local privilege escalation vulnerability. (CVE-2024-22235)

Impacted Products
VMware Aria Operations (formerly vRealize Operations)
VMware Cloud Foundation (VMware Aria Operations)

Introduction
A local privilege escalation vulnerability affecting Aria Operations was responsibly reported to VMware. Updates are available to remediate this vulnerability in affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2024-0004.html
1.17K views
SysAdmin 24x7
VMSA-2024-0003

CVSSv3 Range: 9.6 - 7.8
Issue Date: 2024-02-20
CVE(s): CVE-2024-22245, CVE-2024-22250

Synopsis:
Addressing Arbitrary Authentication Relay and Session Hijack Vulnerabilities in Deprecated VMware Enhanced Authentication Plug-in (EAP) (CVE-2024-22245, CVE-2024-22250)

Impacted Products
VMware Enhanced Authentication Plug-in (EAP)

Introduction
Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in (EAP) were responsibly reported to VMware. Guidance is available on removing this deprecated component from impacted environments.

https://www.vmware.com/security/advisories/VMSA-2024-0003.html
1.28K views
SysAdmin 24x7
ScreenConnect critical bug now under attack as exploit code emerges

Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software.

A day after the vendor published the security issues, attackers started leveraging them in attacks.

CISA has assigned CVE-2024-1708 and CVE-2024-1709 identifiers to the the two security issues, which the vendor assessed as a maximum severity authentication bypass and a high-severity path traversal flaw that impact ScreenConnect servers 23.9.7 and earlier.

https://www.bleepingcomputer.com/news/security/screenconnect-critical-bug-now-under-attack-as-exploit-code-emerges/
BleepingComputer
ScreenConnect critical bug now under attack as exploit code emerges
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software.
1.37K views
SysAdmin 24x7
WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites

A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations.

The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw.

https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html
1.03K views
SysAdmin 24x7
(Update) Zyxel security advisory for the remote code execution vulnerability of NAS and firewall products

CVE: CVE-2020-9054

Summary

Zyxel NAS (Network Attached Storage) and firewall products are affected by a remote code execution vulnerability. Users are advised to install the standard firmware patches or follow the workaround immediately for optimal protection.

What is the vulnerability?

A remote code execution vulnerability was identified in the weblogin.cgi program used in Zyxel NAS and firewall products. Missing authentication for the program could allow attackers to perform remote code execution via OS command injection.

https://www.zyxel.com/global/en/support/security-advisories/update-zyxel-security-advisory-for-the-remote-code-execution-vulnerability-of-nas-and-firewall-products
Zyxel
(Update) Zyxel security advisory for the remote code execution vulnerability of NAS and firewall products | Zyxel Networks
CVE: CVE-2020-9054   Summary Zyxel NAS (Network Attached Storage) and firewall products are affected by a remote code execution vulnerability. Users are advised to install the standard firmware patches or follow the workaround immediately for optimal protection.…
1.09K viewsedited  
SysAdmin 24x7
VMSA-2024-0005

CVSSv3 Range: 5.9
Issue Date: 2024-02-27
CVE(s): CVE-2024-22251

Synopsis:
VMware Workstation and Fusion updates address an out-of-bounds read vulnerability (CVE-2024-22251)

Impacted Products
VMware Workstation Pro / Player (Workstation)
VMware Fusion

Introduction
An out-of-bounds read vulnerability in VMware Workstation and Fusion was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2024-0005.html
1.15K views
SysAdmin 24x7
Ejecución remota de código en Azure de Microsoft

Fecha 27/02/2024
Importancia 5 - Crítica

Recursos Afectados
MCR VSTS CLI para Microsoft Azure

Descripción
Nitesh Surana (@_niteshsurana) de Trend Micro Research, ha notificado una vulnerabilidad de severidad crítica que podría permitir a un atacante remoto ejecutar código arbitrario.

Solución
Microsoft ha publicado una actualización para corregir esta vulnerabilidad.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/ejecucion-remota-de-codigo-en-azure-de-microsoft
www.incibe.es
Ejecución remota de código en Azure de Microsoft
Nitesh Surana (@_niteshsurana) de Trend Micro Research, ha notificado una vulnerabilidad de severidad
1.32K views
SysAdmin 24x7
Múltiples vulnerabilidades en Secure Analytics de Juniper

Fecha 29/02/2024
Importancia 5 - Crítica

Recursos Afectados
Estos problemas afectan a Juniper Networks Juniper Secure Analytics en todas las versiones anteriores a 7.5.0 UP7.

Descripción
Juniper ha publicado 14 vulnerabilidades de las cuales 2 de ellas son de severidad crítica y el resto altas y medias.

Solución
Actualizar a Juniper Secure Analytics en 7.5.0 UP7 IF05 a una versión posterior.

Las actualizaciones de software están disponibles para descargar en https://support.juniper.net/support/downloads/

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-secure-analytics-de-juniper
www.incibe.es
Múltiples vulnerabilidades en Secure Analytics de Juniper
Juniper ha publicado 14 vulnerabilidades de las cuales 2 de ellas son de severidad crítica y el resto
1.33K views
SysAdmin 24x7
VMSA-2024-0006.1

CVSSv3 Range: 7.1-9.3
Issue Date: 2024-03-05
CVE(s): CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255

Synopsis:
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255)

Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
VMware Cloud Foundation (Cloud Foundation)

Introduction

Multiple vulnerabilities in VMware ESXi, Workstation, and Fusion were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

The individual vulnerabilities documented on this VMSA for ESXi have severity Important but combining these issues will result in Critical severity.

https://www.vmware.com/security/advisories/VMSA-2024-0006.html
902 views
SysAdmin 24x7
VMSA-2024-0006.1

CVSSv3 Range: 7.1-9.3
Issue Date: 2024-03-05
CVE(s):CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255

Synopsis:
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255)

Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
VMware Cloud Foundation (Cloud Foundation)

Introduction
Multiple vulnerabilities in VMware ESXi, Workstation, and Fusion were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

The individual vulnerabilities documented on this VMSA for ESXi have severity Important but combining these issues will result in Critical severity.

https://www.vmware.com/security/advisories/VMSA-2024-0006.html
996 views
SysAdmin 24x7
Múltiples vulnerabilidades 0day en productos de Apple

Fecha 06/03/2024
Importancia 5 - Crítica

Recursos Afectados
iOS 16.7.6 y iPadOS 16.7.6
iOS 17.4 y iPadOS 17.4

Descripción
Apple ha publicado 4 vulnerabilidades, 2 de ellas de tipo 0day, que podrían permitir a un atacante eludir las protecciones de la memoria del kernel.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-0day-en-productos-de-apple-1
www.incibe.es
[Actualización 08/03/2024] Múltiples vulnerabilidades 0day en productos de Apple
Apple ha publicado 4 vulnerabilidades, 2 de ellas de tipo 0day, que podrían permitir a un atacante elu
1.13K views
SysAdmin 24x7
VMSA-2024-0007

CVSSv3 Range: 4.3
Issue Date: 2024-03-07
CVE(s): CVE-2024-22256

Synopsis:
VMware Cloud Director updates address a partial information disclosure vulnerability (CVE-2024-22256).

Impacted Products
VMware Cloud Director

Introduction
A partial information disclosure vulnerability in VMware Cloud Director was privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2024-0007.html
1.18K views
SysAdmin 24x7
Cybersecurity and Infrastructure Security Agency (CISA)

You are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.



Apple Released Security Updates for Multiple Products

03/08/2024 01:00 PM EST

Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:
Safari 17.4
macOS Sonoma 14.4
macOS Ventura 13.6.5
macOS Monterey 12.7.4
watchOS 10.4
tvOS 17.4
visionOS 1.1

https://www.cisa.gov/news-events/alerts/2024/03/08/apple-released-security-updates-multiple-products
1.04K views
SysAdmin 24x7
Critical Fortinet flaw may impact 150,000 exposed devices

Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.

https://www.bleepingcomputer.com/news/security/critical-fortinet-flaw-may-impact-150-000-exposed-devices/
BleepingComputer
Critical Fortinet flaw may impact 150,000 exposed devices
Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.
1.06K views
SysAdmin 24x7
Security ID : QSA-24-09

Multiple Vulnerabilities in QTS, QuTS hero, QuTScloud, and myQNAPcloud
Release date : March 9, 2024

CVE identifier : CVE-2024-21899 | CVE-2024-21900 | CVE-2024-21901

Affected products: QTS 5.1.x, 4.5.x; QuTS hero h5.1.x, h4.5.x; QuTScloud c5.x; myQNAPcloud 1.0.x


https://www.qnap.com/en/security-advisory/qsa-24-09
1.14K views
SysAdmin 24x7
Vulnerabilidad de subida de ficheros sin restricción en ManageEngine Desktop Central

Fecha 11/03/2024
Importancia 5 - Crítica

Recursos Afectados
ManageEngine Desktop Central, versión 9, build 90055.

Descripción
INCIBE ha coordinado la publicación de una vulnerabilidad de severidad critica que afecta a ManageEngine Desktop Central (ahora conocida como Endpoint Central), una solución de seguridad y gestión de endpoints unificada que ayuda a administrar equipos de escritorio, portátiles, servidores, dispositivos móviles y tablets desde una ubicación central, la cual ha sido descubierta por Rafael Pedrero.

A esta vulnerabilidad se le ha asignado el siguiente código, puntuación base CVSS v3.1, vector del CVSS y tipo de vulnerabilidad CWE:

CVE-2024-2370: 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | CWE-434.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/vulnerabilidad-de-subida-de-ficheros-sin-restriccion-en-manageengine-desktop
www.incibe.es
Vulnerabilidad de subida de ficheros sin restricción en ManageEngine Desktop Central
INCIBE ha coordinado la publicación de una vulnerabilidad de severidad critica que afe
1.79K views
SysAdmin 24x7
Microsoft
March 2024 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar
1.5K views
SysAdmin 24x7
Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities

Synopsis
Multiple vulnerabilities exist in Arcserve Unified Data Protection (UDP) 9.2.

CVE-2024-0799 - wizardLogin Authentication Bypass (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

An authentication bypass vulnerability exists in edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin(). When a NULL password is passed to the method, a UUID is used for authentication

https://www.tenable.com/security/research/tra-2024-07
Tenable®
Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities
Multiple vulnerabilities exist in Arcserve Unified Data Protection (UDP) 9.2.
1.34K views