US-CERT Vulnerability Summary for the Week of March 20, 2023
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
InfoSec News & Tutorials
Email inboxes of NATO, diplomats, and government and military officials are being targeted by an APT group whose operations appear to be in support of Russian and Belarusian geopolitical goals.…
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at…
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users.…
Organizations rely on incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow-on attacks or…
Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include…
LockBit 3.0 Ransomware NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers…

NAME: lambdaisland/uri security bypass
Platforms Affected: lambdaisland/uri lambdaisland/uri 1.13.95
Risk Level: 5.4
Exploitability: Unproven
Consequences: Bypass Security
DESCRIPTION: lambdaisland/uri could allow a remote attacker to bypass security restrictions, caused by a flaw in which the authority-regex function returns the wrong authority. By…

NAME: WordPress Ping Optimizer Plugin for WordPress cross-site request forgery
Platforms Affected: WordPress WordPress Ping Optimizer Plugin for WordPress 2.35.1.2.3
Risk Level: 6.5
Exploitability: Unproven
Consequences: Gain Access
DESCRIPTION: WordPress Ping Optimizer Plugin for WordPress is vulnerable to cross-site request…

NAME: IEEE 802.11 spoofing
Platforms Affected: IEEE 802.11
Risk Level: 7.5
Exploitability: Unproven
Consequences: Gain Access
DESCRIPTION: IEEE 802.11 could allow a remote attacker to conduct spoofing attacks, caused by an improperly implemented authentication scheme flaw in the Packet Routing…

NAME: Apple macOS Ventura, iOS and iPadOS information disclosure
Platforms Affected: Apple macOS Ventura 13.2, Apple iOS 16.3, Apple iPadOS 16.3
Risk Level: 6.2
Exploitability: Unproven
Consequences: Obtain Information
DESCRIPTION: Apple macOS Ventura, iOS and iPadOS could allow a local…

NAME: Apple macOS Ventura, iOS and iPadOS security bypass
Platforms Affected: Apple macOS Ventura 13.2, Apple iOS 16.3, Apple iPadOS 16.3
Risk Level: 7.7
Exploitability: Unproven
Consequences: Bypass Security
DESCRIPTION: Apple macOS Ventura, iOS and iPadOS could allow a local…

NAME: RouterOS denial of service
Platforms Affected:
Risk Level: 5.3
Exploitability: Proof of Concept
Consequences: Denial of Service
DESCRIPTION: RouterOS is vulnerable to a denial of service, caused by memory corruption in the bridge2 component. By sending specially-crafted packets,…

NAME: Apple macOS Ventura, iOS and iPadOS security bypass
Platforms Affected: Apple macOS Ventura 13.2, Apple iOS 16.3, Apple iPadOS 16.3
Risk Level: 6.5
Exploitability: Unproven
Consequences: Bypass Security
DESCRIPTION: Apple macOS Ventura, iOS and iPadOS could allow a remote…

NAME: Ruijie Networks RG-EW1200G PRO, Ruijie Networks RG-EW1800GX PRO, and Ruijie Networks RG-EW3200GX PRO command execution
Platforms Affected:
Risk Level: 6.3
Exploitability: Proof of Concept
Consequences: Gain Access
DESCRIPTION: Ruijie Networks RG-EW1200G PRO, Ruijie Networks RG-EW1800GX PRO, and Ruijie…

NAME: Hitachi SDM600 privilege escalation
Platforms Affected: Hitachi Energy SDM600
Risk Level: 7.5
Exploitability: Unproven
Consequences: Gain Privileges
DESCRIPTION: Hitachi SDM600 could allow a local authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request,…

NAME: JetBrains TeamCity cross-site scripting
Platforms Affected:
Risk Level: 4.6
Exploitability: Unproven
Consequences: Cross-Site Scripting
DESCRIPTION: JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Pending changes and Changes tabs. A remote…

NAME: Hitachi SDM600 security bypass
Platforms Affected: Hitachi Energy SDM600
Risk Level: 4.8
Exploitability: Unproven
Consequences: Bypass Security
DESCRIPTION: Hitachi SDM600 could allow a remote attacker to bypass security restrictions, caused by a flaw in the API permission check mechanism. By…

NAME: F5 NGINX Ingress Controller information disclosure
Platforms Affected: F5 NGINX Agent 2.23.2
Risk Level: 6.5
Exploitability: Unproven
Consequences: Obtain Information
DESCRIPTION: F5 NGINX Ingress Controller could allow a remote authenticated attacker to obtain sensitive information, caused by inserting sensitive…

NAME: JetBrains TeamCity cross-site scripting
Platforms Affected:
Risk Level: 4.6
Exploitability: Unproven
Consequences: Cross-Site Scripting
DESCRIPTION: JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Perforce connection settings. A remote authenticated attacker…