Tag: vulnerability
Cybersecurity Threat Advisory: VMware critical code vulnerability
VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware. It...
Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered
In the latest Cybersecurity Threat Advisory, Cisco has addressed three high-severity vulnerabilities within its NX-OS and FXOS software, which have the potential to trigger denial-of-service (DoS) conditions. These vulnerabilities could be exploited by malicious actors to disrupt the normal functioning...
Cybersecurity Threat Advisory: Critical MOVEit transfer vulnerability
A critical vulnerability has been discovered in MOVEit Transfer, a commonly used managed file transfer (MFT) solution developed by Progress Software. This vulnerability allows remote attackers to execute arbitrary code on affected systems. The vulnerability is actively exploited in the...
Cybersecurity Threat Advisory: Critical PaperCut vulnerability actively exploited
A new vulnerability, CVE-2023-27350, has been discovered which affects PaperCut MF and NG print management software. Successful exploitation of the vulnerability would allow attackers to access sensitive user information (usernames, email addresses, office/department information, and card numbers) without authentication. A...
Cybersecurity Threat Advisory: New Fortinet vulnerability
Fortinet has released information concerning a FortiOS & FortiProxy Heap Buffer administrative interface vulnerability with a CVSS score of 9.3. The vulnerability allows an unauthenticated attacker to execute commands on the device and/or perform a denial-of-service (DoS) attack on the...
Cybersecurity Threat Advisory: Palo Alto PAN-OS vulnerability
This week, Palo Alto released a patch for PAN-OS’ vulnerability (CVE-2022-0028). This vulnerability is actively being targeted by threat actors. Firewalls running PAN-OS could permit an attacker to perform a Denial-of-Service (DoS) attack. Barracuda MSP recommends updating affected Palo Alto...
Cybersecurity Threat Advisory: OpenSSL vulnerability
Two vulnerabilities were discovered in OpenSSL version 3.0.4 that impacts RSA Private Keys and AES OCB Encryption operations. These vulnerabilities cause an incorrect RSA implementation for 2048-bit private keys that can lead to memory corruption while the device is in...
Cybersecurity Threat Advisory: New Microsoft Azure vulnerability
Researchers at Point 42 discovered a flaw in Microsoft Azure’s Fabric, dubbed ‘FabricScape’, propagating the ongoing series of vulnerabilities that the platform has been facing. This vulnerability allows bad actors using Linux to escalate their own privileges to the extent...
Cybersecurity Threat Advisory: Mitel VoIP vulnerability
A known remote code execution vulnerability, CVE-2022-29499, was discovered with the Linux-based Mitel VoIP (Voice over Internet Protocol) application. Once exploited, this vulnerability allows a threat actor to gain root privileges to the system and plant ransomware. Barracuda MSP recommends...
Cybersecurity Threat Advisory: Apple Safari arbitrary code execution vulnerability
Apple has had an existing arbitrary code execution vulnerability in their MacOS, iOS, iPadOS, and Safari in their past 3 zero-days known as CVE-2022-22620. Google and Barracuda MSP researchers are making sure users don’t forget this. The vulnerability could allow...
