End-of-the-month Security Alerts for September 2023
Here are newly identified product-alerts and cyber-security highlights for the last week of September: 1. Google Chrome Zero-Day Vulnerability; 2. Microsoft Internet Connection Sharing (ICS) Remote Code Execution Vulnerability; 3. Cisco Catalyst SD-WAN Manager Vulnerabilities
Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)
Apply latest patch to mitigate zero-day vulnerability CVE-2022-27518 — A vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.
iManage Security Vulnerability due to third-party Apache component Log4j
If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.
Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)
The iManage Security team identified a vulnerability affecting on-premises versions of iManage products.
It is an exploit targeting the Apache HTTP Server which if not mitigated, can be exploited under certain conditions.
[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability
Microsoft has released a patch to mitigate to this vulnerability, we can’t deny the fact that this security flaw has already been exploited by numerous criminal organization – developing into a new ransomware attack and other potential malicious activities. Check this post for options & solutions.
Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day Exploits
Hafnium operators deploy web shells on compromised server, creating software backdoors that allow attackers to steal data and perform additional malicious actions that lead to further compromise.