End-of-the-month Security Alerts for September 2023

Here are newly identified product-alerts and cyber-security highlights for the last week of September: 1. Google Chrome Zero-Day Vulnerability; 2. Microsoft Internet Connection Sharing (ICS) Remote Code Execution Vulnerability; 3. Cisco Catalyst SD-WAN Manager Vulnerabilities

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

Citrix Gateway & ADC security alert for December 2022

Apply latest patch to mitigate zero-day vulnerability CVE-2022-27518 — A vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.

[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability

Microsoft Alert

Microsoft has released a patch to mitigate to this vulnerability, we can’t deny the fact that this security flaw has already been exploited by numerous criminal organization – developing into a new ransomware attack and other potential malicious activities. Check this post for options & solutions.