OpenText Software Contains Critical Flaws

OpenText software is known for its abilities in enterprise content management (ECM), but a recent security issue reveals it may have serious flaws in security. The vendor disclosed that OpenText software has critical flaws that could enable remote code execution on vulnerable systems. The security issue affects thousands of devices running its Enterprise Connect and Enterprise Mobile Connect products. OpenText issued a security advisory warning customers about the severity of the threats posed by these critical Home Office Digital Security (HODS) vulnerabilities. The advisory said that affected systems could allow an attacker to execute arbitrary code on the vulnerable device. This could allow an attacker to gain full access to the system and steal confidential information or take over the entire system. OpenText is a Canadian software company and is the provider of Enterprise Content Management software applications. It provides cloud-based ECM services and on-premises software solutions for organizations to manage and store information. The vendor’s products are widely used in the healthcare, government, education and financial industries. OpenText has addressed the vulnerability with a patch update and released recommendations on how to apply the patch and how to address the vulnerability. The vendor urges customers to update their systems with the patch to protect against the potential of a malicious attack. It is important to take OpenText’s critical errors seriously and to update all vulnerable systems with the patch as soon as possible. OpenText’s security advisory and the patched version of its Enterprise Connect and Enterprise Mobile Connect applications can be accessed through its website. Taking the necessary steps to safeguard one’s network and systems should be a priority for all users who use OpenText products.

This Cyber News was published on securityaffairs.com. Publication date: Mon, 23 Jan 2023 12:11:03 +0000


Cyber News related to OpenText Software Contains Critical Flaws

OpenText Joins the Joint Cyber Defense Collaborative to Enhance US Government Cybersecurity - This collaborative effort, established by the Cybersecurity and Infrastructure Security Agency, is dedicated to elevating the cybersecurity posture of the U.S. government and its strategic international partners. As a member, OpenText will support ...
8 months ago Darkreading.com
OpenText Software Contains Critical Flaws - OpenText software is known for its abilities in enterprise content management (ECM), but a recent security issue reveals it may have serious flaws in security. The vendor disclosed that OpenText software has critical flaws that could enable remote ...
1 year ago Securityaffairs.com
Critical Vulnerabilities Patched In OpenText Enterprise Content Management System - On April 30, Open Text released a security alert regarding nine critical vulnerabilities found in its Enterprise Content Management System (ECM). OpenText is a software vendor based in Waterloo, Canada, providing enterprise solutions for content, ...
1 year ago Securityweek.com
OpenText report raises awareness for consumer digital life protection as privacy concerns increase with generative AI use - Webroot Blog - Additionally, while consumers have taken steps to protect their personal information, only 27% use privacy tools and settings to protect workplace information when using generative AI. Consumers can better protect their sensitive information from ...
1 month ago Webroot.com
Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
1 year ago Securityaffairs.com
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
11 months ago Pandasecurity.com
Over 1,450 pfSense servers exposed to RCE attacks via bug chain - Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. PfSense is a popular open-source firewall ...
10 months ago Bleepingcomputer.com
Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover - Microsoft has identified four vulnerabilities in the Perforce source-code management platform, the most critical of which gives attackers access to a highly privileged Windows OS account to potentially take over the system via remote code execution ...
10 months ago Darkreading.com
Google Chrome Six Flaws: Should You be Worried? - Google Chrome is one of the most widely used web browsers around the world, and while it is generally more secure than its predecessors, multiple security flaws have been recently revealed that users should be aware of. Recently, the Google Chrome ...
1 year ago Securityaffairs.com
The Crucial Need for a Secure Software Development Lifecycle in Today's Digital Landscape - In today's increasingly digital world, software is the backbone of business operations, from customer-facing applications to internal processes. The rapid growth of software development has also made organizations more vulnerable to security threats. ...
10 months ago Cyberdefensemagazine.com
Exploits released for critical Jenkins RCE flaw, patch now - Multiple proof-of-concept exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. ...
9 months ago Bleepingcomputer.com
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day - Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. While eight remote code execution bugs were fixed, Microsoft only rated three ...
10 months ago Bleepingcomputer.com
MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
4 months ago Darkreading.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
5 months ago Securityaffairs.com
Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws - Microsoft on Tuesday rolled out fixes for several critical security flaws in the Windows ecosystem and warned that hackers could target these issues to take complete control of unpatched machines. As part of its regular Patch Tuesday releases, ...
10 months ago Securityweek.com
Threat Groups Rush to Exploit JetBrains' TeamCity CI/CD Security Flaws - The cyberthreats to users of JetBrains' TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for ...
7 months ago Securityboulevard.com
Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs - Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution ...
7 months ago Bleepingcomputer.com
Fortinet warns of critical RCE bug in endpoint management software - Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. FortiClient EMS enables admins to manage endpoints connected to an ...
7 months ago Bleepingcomputer.com
Privilege elevation exploits used in over 50% of insider attacks - Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner. A report by ...
11 months ago Bleepingcomputer.com
Sav-Rx data breach impacted over 2.8 million individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks. Microsoft fixed two zero-day bugs exploited in malware ...
5 months ago Securityaffairs.com
12 Software Dev Predictions for Future - Predicting the future of software development trends is always a tough call. Such trends will also rule the future of the software development industry. Analyzing these future software development trends will put enthusiasts ahead of the competition. ...
10 months ago Feeds.dzone.com
Understanding SBOMs - In recent years, the adoption of open-source software in development has surged, now comprising up to 90% of what's built. There is a crucial aspect to consider when integrating open-source software components. To make sure their software is safe, ...
10 months ago Securityboulevard.com
178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks - Two unauthenticated denial-of-service vulnerabilities are threatening the security of SonicWall next-generation firewall devices, exposing more than 178,000 of them to both DoS as well as remote code execution attacks. SonicWall products affected are ...
9 months ago Darkreading.com
New ATM Malware family emerged in the threat landscape - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Raspberry Robin spotted using two ...
5 months ago Securityaffairs.com
Tax Season Alert: Common scams and cracked software - OpenText is committed to providing you with the latest intelligence and tips to safeguard your digital life, especially during high-risk periods like tax season. Our threat analysts are constantly monitor the ebb and flow of various threats. One ...
9 months ago Webroot.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)