1. Home
  2. Cybersecurity Events

Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

WordPress Kirotech UserPro plugin multiple vulnerabilities, two critical
published: Nov. 22, 2023
The Wordfence Threat Intelligence team disclosed multiple critical vulnerabilities in the widely-used Kirotech's UserPro WordPress plugin, advising immediate update to the patched version 5.1.5.
Take action: If you are using the Kirotech plugin UserPro on WordPress, please update to version 5.1.5 immediately. As of today the vulnerabilities with great detail of examples are publicly available, and sites will be targeted.
Exploit proof of concept released for CrushFTP, patch ASAP
published: Nov. 18, 2023
A critical vulnerability in CrushFTP allows unauthenticated attackers to execute code and access sensitive data via a mass-assignment flaw, prompting urgent patching and additional mitigations.
Take action: If you are using CrushFTP, patch ASAP. Since it's a file transfer server, it's unlikely you can lock it down to internal network. Even if you patch, enable automated security updates, and add more controls through a more secure password algorithm use in CrushFTP and run the server in a limited privilege system account. Or just wait for the hackers to find you.
Fortinet reports critical command injection vulnerability in FortiSIEM
published: Nov. 16, 2023
Fortinet warns of a critical vulnerability (CVE-2023-36553) in its FortiSIEM report server that could be exploited by remote attackers, potentially allowing unauthorized command execution via specially crafted API requests. Fortinet advises affected users to upgrade to recommended versions for protection.
Take action: Hopefully your FortiSIEM is isolated and accessible only from trusted networks. If not, lock it down quickly and plan for a patch effort. API requests are not immediately exploitable since some credentials are needed to send requests, but a hacker can compromise another component of the infrastructure and then cascade the exploits to a vulnerable FortiSIEM.
Aruba Networks fixes 14 vulnerabilities in access point OS, three are critical
published: Nov. 16, 2023
Aruba Networks has released patches for 14 security flaws affecting various versions of ArubaOS and InstantOS, with three critical vulnerabilities related to the PAPI protocol enabling potential unauthenticated remote code execution and file deletion, and recommends upgrading to specified versions or doing a workaround mitigation.
Take action: If you are using Aruba equipment, check the OS versions - it's probably in the vulnerable range of OS. Lock down the management UDP/8211 port only to trusted networks and implement the `cluster-security` workaround if applicable. Then start patching ASAP. Aruba products are network devices, by their very nature they are exposed and difficult to lock down.
Vulnerability reported in Solana's Saga phone, Solana refutes
published: Nov. 15, 2023
CertiK has reported a serious security flaw in the Solana Saga smartphone, which has an integrated hardware wallet for secure Web3 and cryptocurrency operations. A video posted by CertiK suggests that attackers could potentially unlock the bootloader to install a backdoor and gain root access, posing a significant risk to the security of users' cryptocurrency data. Solana Labs disputes this claim, arguing that the bootloader unlocking process requires user authentication and multiple steps that would be evident to the device owner, as it also results in data deletion—a detail users are clearly warned about.
SAP November 2023 patch fixes critical severity flaw of SAP Business One, other issues
published: Nov. 15, 2023
The SAP Security Patch Day in November 2023 introduced six security advisories, with the most critical being an improper access control vulnerability in SAP Business One (CVE-2023-31403) and an update to the fix for missing authorization check in SAP CommonCryptoLib (CVE-2023-40309), with no known exploits yet reported.
Take action: The users of SAP Business One should plan for a quick patch, as well as re-deployment of the patch for CommonCryptoLib in various systems. If your SAP system is visible from the internet, act immediately. Otherwise, plan the patch in the next cycle but don't delay.
Intel patch release fixes over 100 issues including multiple high and critical flaws
published: Nov. 15, 2023
Intel issued 31 advisories covering approximately 105 vulnerabilities, notably patching a high-risk CPU flaw called Reptar (CVE-2023-23583) and a critical vulnerability in its DCM software (CVE-2023-31273), alongside nine other high-severity issues affecting various products.
Take action: If you are using Intel products, software and management tools review the advisory in detail and plan for patching of the systems. There are 10 serious issues that can become exploited items in the next months.
VMware issues critical warning of their Cloud Director product
published: Nov. 15, 2023
VMware has alerted users to a critical, unresolved security flaw (CVE-2023-34060, CVSS score 9.8) in Cloud Director 10.5 upgraded instances that allows attackers network access to bypass authentication on certain ports. A temporary shell script fix is available that does not disrupt service.
Take action: If you are using VMware Cloud Director that was updated to 10.5 from previous versions, apply the workaround at earliest convenience. The issue isn't immediately exploitable, but don't skip this fix, and the subsequent patch.
Microsoft patch release for November 2023, fixes 5 actively exploited issues, 58 flaws
published: Nov. 14, 2023
In November 2023, Microsoft addressed 58 security issues, including 5 zero-day vulnerabilities, through its Patch Tuesday updates. These updates spanned a range of products, including Azure, Microsoft Edge, Office and other Microsoft different software and tackled various vulnerabilities from remote code execution to information disclosure.
Take action: This time it's not just about patching your Windows PC. Take the time to read through the advisory, since the vulnerable products are software library, drivers, office and other products. Plan for fast patching of the zero-day exploited issues. For the others, a standard patching discipline is prudent.
Adobe releases patches for critical issues in Acrobat, Reader, ColdFusion
published: Nov. 14, 2023
Adobe's Patch Tuesday updates rectified 72 security flaws, including critical executable code vulnerabilities in Acrobat and Reader, and other high-risk issues in ColdFusion, InDesign, Photoshop, and more, affecting multiple versions across Windows and macOS platforms.
Take action: Time to update your Adobe Acrobat applications and ColdFusion systems. Don't delay, the Acrobat fix is quite easy and the ColdFusion platform is visible on the internet so it's going to get attacked soon.