While this week was a little light on vulnerability news, it's still been significant, with Microsoft's Patch Tuesday happening as well as updates for major products, like Zoom.
An old vulnerability in Cisco products has also resurfaced in connection with Akira ransomware, and SolarWinds patched some remote code execution flaws in its Access Rights Manager product.
Your IT teams should regularly check your vendors' security bulletins for any vulnerability news or updates.
Also keep an eye on the last few weeks' vulnerability recaps, especially because we've seen some of the same products continue to be exploited.
The problem: Zoom recently patched a flaw that affected three of its Windows-facing software products: Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows.
The vulnerability, an improper input validation flaw, could permit unauthenticated users to access a network and then escalate their privileges.
The fix: The most recent version of the Zoom client fixes this vulnerability.
Users can download it manually, by navigating to Zoom's download page, or automatically, by opting to download the latest version when Zoom prompts them to do so.
Type of vulnerability: Multiple vulnerabilities, including remote code execution and privilege escalation.
The problem: Microsoft patched 73 vulnerabilities in its most recent Patch Tuesday event, which occurs every month.
Among the vulnerabilities is CVE-2024-21412, an Internet Shortcut Files flaw that allows an unauthenticated attacker to send a malicious file to a user.
Type of vulnerability: Remote unauthenticated access and potential credential data theft.
The problem: Researchers at cybersecurity company Truesec uncovered data that indicated Akira ransomware might be exploiting an old vulnerability within Cisco Adaptive Security Appliance and Firepower Threat Defense.
The vulnerability, CVE-2020-3259, was first discovered in May 2020.
On Thursday, February 15, the Cybersecurity and Infrastructure Security Agency added the vulnerability to its catalog after reports that it might be actively exploited again.
The problem: SolarWinds recently patched five remote code execution vulnerabilities in its Access Rights Manager product, which provisions, deprovisions, and manages employee access rights.
Three of the vulnerabilities are rated critical.
The fix: Upgrade all older versions of Access Rights Manager to 2023.2.3, which fixes all five of the RCE vulnerabilities.
The vulnerability exists in ExpressVPN Version 12 for Windows.
ExpressVPN first published the bulletin about this vulnerability early in February but updated it mid-February.
This Cyber News was published on www.esecurityplanet.com. Publication date: Mon, 19 Feb 2024 23:13:04 +0000