Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

Microsoft has resolved CVE-2023-36052, a critical Azure CLI vulnerability that exposed user credentials in GitHub Actions and Azure DevOps logs, urging users to update to Azure CLI version 2.53.1 or newer to mitigate the risk and adopt enhanced security practices.
The FRICK Quantum HD Unity System Controller has a severe security vulnerability (CVE-2023-4804, CVSS3 score 10) that allows unauthorized debug access, impacting various versions of Johnson Controls devices which require firmware updates for mitigation.
A critical zero-day vulnerability (CVE-2023-47246) in SysAid IT support software exploited by Lace Tempest, an affiliate of the Cl0p ransomware group, has been discovered by Microsoft's Threat Intelligence team. The vulnerability enables unauthorized system access and arbitrary code execution. SysAid has released a patch and urged customers to update their systems while providing indicators of compromise to detect any suspicious activities.
Veeam has issued an alert for critical vulnerabilities in its Veeam ONE monitoring platform, releasing hotfixes for two severe remote code execution risks and two less critical issues impacting all supported versions.
QNAP Systems addressed two critical security vulnerabilities (CVE-2023-23368 and CVE-2023-23369) in its NAS devices, providing updates to mitigate remote command execution risks and advising administrators to update their systems to protect against potential ransomware attacks.
A critical security flaw, CVE-2023-5765, in Remote Desktop Manager (RDM) could allow attackers to execute arbitrary code via malformed TCP packets, affecting all versions before 2023.2.34 and prompting urgent updates.
A severe vulnerability with a CVSS score of 9.9, designated as CVE-2023-20048, has been identified in Cisco's FMC Software, allowing attackers with valid credentials to execute unauthorized commands on managed Cisco Firepower Threat Defense devices due to insufficient validation of user permissions.
Weintek's EasyBuilder Pro software, used for creating HMI GUIs, is critically vulnerable (CVE-2023-5777, CVSS 9.8) due to hard-coded credentials that could allow unauthorized remote access. Updates are available to address the issue.
Slovenian industrial informatics company INEA identified a critical vulnerability (CVE-2023-35762, CVSS v3 score 9.9) in their ME RTU firmware versions up to 3.36b, allowing potential unauthorized remote code execution and improper "root" account authentication. The users are urged to update to version 3.37, with key sectors impacted including Energy, Water/Wastewater Treatment, and Transportation.
Atlassian urgently warns of a critical flaw (CVE-2023-22518) in its on-premise Confluence products, which can lead to significant data loss, urging upgrades to specific versions or the latest possible version.