While the number of reported vulnerabilities sometimes decrease over the Christmas and New Year's holidays, active and potential exploits are no less threatening.
During the past couple weeks, Google has seen multiple vulnerabilities, including a zero-day in Chrome.
SonicWall researchers discovered that an Apache patch was incomplete, still permitting authentication bypass in open-source ERP software Apache OfBiz.
Issues with Barracuda's Email Secure Gateway persist, with an FBI safety warning about an older vulnerability still outstanding.
Your IT and security teams should stay alert and aware during holidays, consistently patching known vulnerabilities and updating systems to the most recent versions of software.
We've developed a list of recent vulnerabilities so your team can make any needed updates, including potential product removals.
The problem: Researchers on Google's threat analysis team found a zero-day vulnerability in Chrome's instance of open-source web software WebRTC. The vulnerability is a severe heap buffer overflow issue that can lead to remote code execution.
Google has already seen this vulnerability exploited in the wild.
The problem: We've mentioned Barracuda's Email Secure Gateway vulnerabilities before, but now a new one is plaguing customers.
On December 24, when Barracuda released the security notice, there was no remediation or patch available for CVE-2023-7101, the Spreadsheet::ParseExcel vulnerability, within the open-source library.
Previous vulnerabilities have affected Barracuda ESG. In August 2023, the FBI recommended that customers remove their Barracuda ESG appliances altogether after Barracuda discovered a zero-day remote command injection vulnerability in the ESG appliances.
The problem: SonicWall Capture Labs' threat research team discovered an authentication bypass vulnerability, tracked as CVE-2023-51467, in Apache OfBiz software.
Apache OfBiz is an open-source enterprise resource planning product that's part of the software supply chain and appears in multiple other products, such as Atlassian JIRA. Previously, Apache had released a patch for CVE-2023-49070, a remote code execution vulnerability.
SonicWall also developed the IPS signature IPS:15949, which is designed to detect exploitation of the OfBiz vulnerability.
Google released the initial vulnerability notice on December 14.
While Google isn't yet aware of any active exploitation, the vulnerability should be patched immediately.
Type of vulnerability: Bypassing privilege access requirements to exploit executables.
The problem: Researchers from Security Joes discovered a malicious code execution vulnerability in Windows 10 and 11.
Type of vulnerability: Secure Shell vulnerability that can lead to prefix truncation attacks.
The problem: Security researchers from Ruhr University Bochum in Germany found a Secure Shell vulnerability that allows attackers to adjust sequence numbers during a handshake process and subtly remove client or server messages.
This Cyber News was published on www.esecurityplanet.com. Publication date: Tue, 02 Jan 2024 21:13:04 +0000