Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing

October 2, 2024 at 04:46PM Critical security vulnerabilities with severity scores of 9.3 have been discovered in Optigo’s Spectra Aggregation Switch, potentially allowing remote attackers to inject malware into the OT network management switches running version 1.3.7 and earlier. No patches are available, and the manufacturer has issued workarounds to mitigate the vulnerabilities. The US …

CISA warns critical SolarWinds RCE bug is exploited in attacks

August 16, 2024 at 12:40PM CISA warns of attackers exploiting a critical vulnerability in SolarWinds’ Web Help Desk (WHD) software, allowing remote code execution. SolarWinds issued a hotfix, advising administrators to apply it, while also recognizing an issue for SAML Single Sign-On users. CISA mandates federal agencies to patch WHD servers by September 5. SolarWinds …

SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day

August 16, 2024 at 06:10AM CISA warned of a critical vulnerability in SolarWinds Web Help Desk, CVE-2024-28986, allowing remote code execution. SolarWinds released a patch but noted an authentication requirement for successful exploitation. The flaw affects versions 12.4 to 12.8 and has been observed in the wild. Federal agencies must address vulnerable instances by September …

Exploit released for Cisco SSM bug allowing admin password changes

August 8, 2024 at 03:02PM Exploit code for a critical vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) is now available, allowing attackers to change any user password. The company warns of the availability of proof-of-concept exploit code but has not found evidence of attacks in the wild. Administrators must upgrade affected systems …

CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks

July 16, 2024 at 06:19PM CISA warns of actively exploited GeoServer GeoTools remote code execution flaw (CVE-2024-36401). The flaw allows arbitrary code execution and affects all GeoServer instances. Researchers demonstrated proof-of-concept exploits, prompting patching of versions 2.23.6, 2.24.4, and 2.25.2. CISA requires federal agencies to patch servers by August 5th, 2024, while private …

PTC License Server Bug Needs Immediate Patch Against Critical Flaw

July 2, 2024 at 02:54PM CISA and PTC reported a critical flaw in an industrial computer-aided design software server (CVE-2024-6071), exposing systems to unauthorized remote access. A patch has been issued for affected Creo Elements/Direct License Servers, urging immediate update. PTC stated no evidence of exploitation in the wild and emphasized no impact on the …

CISA warns of criminals impersonating its employees in phone calls

June 12, 2024 at 02:05PM Criminals are using phone calls to deceive victims into transferring money by impersonating government employees, including those at the Cybersecurity and Infrastructure Security Agency (CISA). The agency issued a warning and emphasized that its staff would never request money or secrecy. Tips were shared to avoid falling victim, including validating …

High-severity GitLab flaw lets attackers take over accounts

May 23, 2024 at 01:50PM GitLab addressed a high-severity XSS vulnerability allowing unauthenticated attackers to compromise user accounts. Additionally, six medium-severity flaws were fixed, including a CSRF issue and a denial-of-service bug. These vulnerabilities allowed for account takeovers and disruption of services. GitLab urged immediate software updates due to potential impacts on sensitive data and …

US faith-based healthcare org Ascension says ‘cybersecurity event’ disrupted clinical ops

May 9, 2024 at 03:21PM Ascension, a leading healthcare organization in the US, has detected a cybersecurity event affecting its network. The disruption has led to clinical operations being impacted, with a potential involvement of ransomware. The incident is part of a string of cyber attacks on the healthcare industry, prompting calls for stronger cyber …

1,400 GitLab Servers Impacted by Exploited Vulnerability

May 2, 2024 at 08:09AM GitLab’s email verification vulnerability, tracked as CVE-2023-7028 and with a severity score of 10/10, allowed for password hijacking. GitLab has patched this issue in versions 16.5.6, 16.6.4, and 16.7.2. CISA warns of active exploitation and federal agencies must address vulnerable instances by May 22 under BOD 22-01. All organizations should …