ASUS warns router customers: Patch now, or block all inbound requests
“Do as we say, not as we do!” – The patches took ages to come out, but don’t let that lure you into taking ages to install them.
RCE
Fortinet urges to patch a critical RCE flaw in Fortigate firewalls
Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. An attacker can exploit the vulnerability to achieve remote code execution on vulnerable network equipment. The vulnerability was […]
The post Fortinet urges to patch a critical RCE flaw in Fortigate firewalls appeared first on Security Affairs.
Zyxel firewall and VPN devices affected by critical flaws
Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, that affect several of its firewall and VPN products. A remote, unauthenticated attacker can can trigger the flaws to cause a denial-of-service (DoS) […]
The post Zyxel firewall and VPN devices affected by critical flaws appeared first on Security Affairs.
Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE
Cisco is warning customers of a critical remote code execution vulnerability affecting its EoL SPA112 2-Port Phone Adapters. Cisco is warning of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20126 (CVSS score of 9.8), impacting SPA112 2-Port phone adapters. The company product has reached end-of-life (EoL). The vulnerability resides in the web-based management […]
The post Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE appeared first on Security Affairs.
Apache Superset Shipped With Unpatched RCE Vulnerability
Researchers spotted a severe unpatched remote code execution vulnerability shipped by default in Apache Superset.…
Apache Superset Shipped With Unpatched RCE Vulnerability on Latest Hacking News | Cyber Security News, Hacking Tools and Penetratio…
PaperCut security vulnerabilities under active attack – vendor urges customers to patch
If you have the product, but you haven’t patched – well, the crooks have now landed, so please don’t delay. Do it today…
Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices – patch now!
Dangerous Android phone 0-day bugs revealed – patch or work around them now!
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
Baseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hack
Google’s Project Zero hackers found multiple flaws in Samsung ’s Exynos chipsets that expose devices to remote hack with no user interaction. White hat hackers at Google’s Project Zero unit discovered multiple vulnerabilities Samsung ’s Exynos chipsets that can be exploited by remote attackers to compromise phones without user interaction. The researchers discovered a total […]
The post Baseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hack appeared first on Security Affairs.
A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!
Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution. Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked as CVE-2023-25610 (CVSS v3 9.3), that resides in the administrative interface in FortiOS and FortiProxy. A remote, unauthenticated attacker can exploit the vulnerability to execute arbitrary […]
The post A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now! appeared first on Security Affairs.