#CVE202439891

Organizations Warned of Exploited Twilio Authy Vulnerability

July 24, 2024 by Xynik

July 24, 2024 at 10:42AM CISA added a recent Twilio Authy bug, tracked as CVE-2024-39891, to its Known Exploited Vulnerabilities catalog due to an information disclosure issue. Twilio warned of the vulnerability and urged users to update to versions 25.1.0 for Android and 26.1.0 for iOS. No Twilio systems were compromised, and CISA urged vulnerable … Read more

CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List

July 24, 2024 by Xynik

July 24, 2024 at 03:04AM The U.S. CISA has added two security flaws to its Known Exploited Vulnerabilities catalog, including a decade-old use-after-free vulnerability in Internet Explorer and an information disclosure bug in Twilio Authy. CISA advised FCEB agencies to remediate the vulnerabilities by August 13, 2024, to protect against active threats. From the meeting … Read more