Threat Report 12/10/24
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Multiple vulnerabilities have been discovered in Google Android...
Multiple vulnerabilities have been discovered in Progress MOVEit Transfer, which could allow for unauthorized database access. MOVEit Transfer is a managed file transfer software that allows the enterprise to securely transfer files between business partners and customers using SFTP, SCP, and HTTP-based uploads. If successfully exploited, an attacker could gain unauthorized access to the database, potentially compromising confidential information, user credentials, and other sensitive data. This unauthorized access could also result in unauthorized modifications and disclosure of the database content.
Affected Systems:
MOVEit Transfer versions before 2021.0.9 (13.0.9)
MOVEit Transfer versions before 2021.1.7 (13.1.7)
MOVEit Transfer versions before 2022.0.7 (14.0.7)
MOVEit Transfer versions before 2022.1.8 (14.1.8)
MOVEit Transfer versions before 2023.0.4 (15.0.4)
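To triage an inventory against the version list above, the following added example (not code from Progress or from this report) classifies a MOVEit Transfer version string given in either the year-style or the internal numbering. The hostnames, sample versions and function names are constructed for illustration, and ignoring components after the third is an assumption.

```python
import re

# First unaffected patch level per release train, from the Affected Systems
# list above, keyed by internal (major, minor).
FIXED_PATCH = {(13, 0): 9, (13, 1): 7, (14, 0): 7, (14, 1): 8, (15, 0): 4}

# Year-style major -> internal major, as paired in the list (2021.0.9 = 13.0.9).
YEAR_TO_MAJOR = {2021: 13, 2022: 14, 2023: 15}

# Assumption: any components after the third (build numbers) are ignored.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:\.\d+)*\s*$")


def normalize(version):
    """Return (major, minor, patch) in internal numbering, or None."""
    m = _VERSION_RE.match(version)
    if not m:
        return None
    major, minor, patch = (int(g) for g in m.groups())
    return YEAR_TO_MAJOR.get(major, major), minor, patch


def assess(version):
    """Classify a version string as 'affected', 'patched' or 'unknown'."""
    parsed = normalize(version)
    if parsed is None:
        return "unknown"
    major, minor, patch = parsed
    fixed = FIXED_PATCH.get((major, minor))
    if fixed is None:
        # Release train not named in the list: report it, do not guess.
        return "unknown"
    return "affected" if patch < fixed else "patched"


def triage(inventory):
    """Map host -> status for a {host: version} inventory."""
    return {host: assess(ver) for host, ver in inventory.items()}


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE = {"mft-01": "2023.0.3", "mft-02": "15.0.4", "mft-03": "14.1.7.120",
          "mft-04": "2020.1.6", "mft-05": "n/a"}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host}: {SAMPLE[host]} -> {status}")
```

An "unknown" result means the release train is not in the list above or the string could not be parsed, so it needs a manual check against the vendor article rather than being treated as safe.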
Risk
Remediation Recommendations
Disable all HTTP and HTTPS traffic to your MOVEit Transfer environment until a patch is released.
Apply appropriate patches and workarounds provided by Progress to vulnerable systems, immediately after appropriate testing.
Apply the Principle of Least Privilege to all systems and services. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed to the internal network. Configure separate virtual private cloud (VPC) instances to isolate critical cloud systems.
Restrict execution of code to a virtual environment on or in transit to an endpoint system.
Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.
References:
https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Affected Systems:
Risk
Remediation Recommendations
References
Critical Patches Issued for Microsoft Products, July 11, 2023
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Affected Systems:
Risk
Remediation Recommendations
References
A Vulnerability in FortiOS and FortiProxy
A Vulnerability in Cisco SD-WAN vManage