Siemens Sicam Vulnerabilities Could Facilitate Attacks on Energy Sector

June 26, 2024 at 06:05AM Recently, Siemens patched high-severity vulnerabilities in Sicam products: A8000, EGS grid sensors, and 8 power automation software, affecting energy sector security. The flaws allow sensitive data theft, command injection, and password exposure, potentially enabling arbitrary code execution and network destabilization. SEC Consult was credited for the discovery, with a potential real-world attack …

‘Mirai-like’ botnet observed attacking EOL Zyxel NAS devices

June 24, 2024 at 10:41AM Early attacks are targeting end-of-life Zyxel NAS boxes following the disclosure of three critical vulnerabilities. The Shadowserver Foundation observed attempts at remote command execution by a botnet and advised users to check for signs of compromise. It’s recommended to patch affected devices or consider upgrading for enhanced security, given the lack …

Critical VMware Bugs Open Swaths of VMs to RCE, Data Theft

June 18, 2024 at 04:34PM Broadcom releases fixes for three vulnerabilities in VMware vCenter, with two critical vulnerabilities allowing remote code execution. The vulnerabilities could allow attackers to execute code on managed VMs. In addition, there are patch updates for local privilege escalation vulnerabilities. VMware, with a large customer base, faces increased risk due to …

VMware fixes critical vCenter RCE vulnerability, patch now

June 18, 2024 at 02:11PM VMware has issued a security advisory for critical vulnerabilities in vCenter Server, impacting versions 7.0 and 8.0, and Cloud Foundation versions 4.x and 5.x. The vulnerabilities include remote code execution and local privilege escalation flaws. The vendor has released fixes for the vulnerabilities and advises applying updates promptly to mitigate …

VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi

June 18, 2024 at 04:33AM VMware has issued updates to fix critical vulnerabilities affecting Cloud Foundation, vCenter Server, and vSphere ESXi. These flaws could lead to privilege escalation and remote code execution. The vulnerabilities include heap-overflow flaws and local privilege escalation issues. While there are no known active exploits, users are urged to promptly apply …

An Argument for Coordinated Disclosure of New Exploits

May 30, 2024 at 10:06AM In 2023, over 23,000 vulnerabilities were disclosed, leading to a race to release exploits. Coordinated disclosure involves alerting vendors and waiting to publicly release findings. Full disclosure argues for immediate transparency to prompt patches. Responsible disclosure is crucial due to the potential exploitation of vulnerabilities. Publicly releasing exploit research can …

Veeam says critical flaw can’t be abused to trash backups

May 23, 2024 at 10:41AM Veeam addressed a critical vulnerability in its Backup Enterprise Manager, CVE-2024-29849, which could allow unauthorized access to the VBEM web interface. Although attackers could log in as any user, Veeam confirmed that the flaw wouldn’t lead to backups being deleted due to the immutable backups and authorization measures. Customers are …

The truth about KEV: CISA’s vuln deadlines good influence on private-sector patching

May 7, 2024 at 07:34AM CISA’s Known Exploited Vulnerabilities (KEV) catalog, aimed at federal agencies, is also positively impacting private organizations, reducing average remediation time to under 175 days, compared to 621 for unlisted vulnerabilities. While both sectors often miss CISA deadlines, private organizations face longer patch times, with technology firms the fastest at 93 …

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

May 3, 2024 at 12:22PM CISA reports an active attack targeting GitLab’s CVE-2023-7028 vulnerability, enabling bad actors to reset account passwords and take control. The severity of the bug necessitates prompt action and patching. Security experts emphasize the importance of multifactor authentication, zero-trust architecture, and privileged access management to counter the exploit and safeguard against …

CISA says GitLab account takeover bug is actively exploited in attacks

May 1, 2024 at 12:33PM CISA warns of active exploitation of a critical GitLab vulnerability (CVE-2023-7028), allowing attackers to hijack accounts via password resets, potentially leading to supply chain attacks. While 2FA-protected accounts are safe, unpatched systems are at risk. GitLab has released fixes, and CISA urges prompt patching, especially for federal agencies and private …