SonicWall Patches 6 Vulnerabilities in Secure Access Gateway

December 6, 2024 at 07:30AM SonicWall released urgent patches for multiple high-severity vulnerabilities in the SMA100 SSL-VPN gateway, including buffer overflow flaws (CVE-2024-45318, CVE-2024-53703) allowing remote code execution, a path traversal issue (CVE-2024-38475), and an authentication bypass (CVE-2024-45319). Users must update to firmware version 10.2.1.14-75sv. ### Meeting Takeaways: SonicWall Security Vulnerabilities Update 1. **Vulnerability Announcement**: … Read more

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

June 20, 2024 at 10:58AM Cybersecurity researchers have disclosed a now-patched security flaw in Phoenix SecureCore UEFI firmware affecting multiple Intel Core processor families. Tracked as CVE-2024-0762 with a CVSS score of 7.5, the “UEFIcanhazbufferoverflow” vulnerability allowed a local attacker to execute malicious code within the firmware, impacting devices using Phoenix SecureCore firmware on select … Read more

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

June 17, 2024 at 11:00AM ASUS has released software updates to address critical security flaws in its routers, including an authentication bypass vulnerability (CVE-2024-3080) with a high CVSS score of 9.8 and a buffer overflow flaw (CVE-2024-3079). These vulnerabilities could allow remote attackers to execute arbitrary commands on specific router models. Users are advised to … Read more

Delta Electronics CNCSoft-G2 DOPSoft DPAX

April 30, 2024 at 10:47AM Summary: The vulnerability report concerns Delta Electronics’ CNCSoft-G2 software, where a stack-based buffer overflow could lead to arbitrary code execution. Versions 2.0.0.5 and prior are affected. The report includes mitigation measures, a risk evaluation, affected products, technical details, and background information. CVE-2024-4192 has been assigned to this vulnerability. From the … Read more

Canon Patches 7 Critical Vulnerabilities in Small Office Printers

February 6, 2024 at 09:00AM Canon announced software updates to patch seven critical vulnerabilities impacting small office printer models. These buffer overflow bugs can be exploited for remote code execution or to cause unresponsiveness. The flaws, with a CVSS score of 9.8, affect various printer components and specific models globally. Customers are advised to install … Read more

Kinsing Cyberattackers Debut ‘Looney Tunables’ Cloud Exploits

November 6, 2023 at 06:02PM Researchers are warning about an exploit for the “Looney Tunables” vulnerability that is being used by the Kinsing cybercrime group to gain root privileges on Linux systems. This represents a change in tactics for the group, as they typically focus on automated attacks for cryptojacking. The exploit allows the attackers … Read more