SecureTeam

Critical Vulnerability Patched in Zyxel NAS Devices

Zyxel Network Attached Storage (NAS) devices have received a security update to patch a critical severity command injection vulnerability. Devices affected by this flaw include NAS326 models running firmware version V5.21(AAZF.13)C0 or prior, NAS540 models running firmware version V5.21(AATB.10)C0 or prior, and NAS542 models running firmware version V5.21(ABAG.10)C0 or prior. In their security advisory, Zyxel […]

Critical Vulnerability Patched in Zyxel NAS Devices Read More »

ASUS Patch Critical Flaws from 2022 and 2018

News, Vulnerabilities / Ian Reynolds

The new ASUS router firmware update contains security patches for nine vulnerabilities amongst other important security fixes. Six of these vulnerabilities are high severity flaws, while another two, from 2018 and 2022, are rated as critical, with CVSS base scores of 9.8. Four of the high severity flaws were also legacy fixes from 2022, while

ASUS Patch Critical Flaws from 2022 and 2018 Read More »

Critical Flaws Exploited in MOVEit Transfer Data Theft

Information Assurance, News / Ian Reynolds

MOVEit Transfer and MOVEit Cloud customers experienced data theft attacks through the exploit of critical vulnerabilities beginning at the end of last month. High profile organisations across the UK and USA suffered massive data breaches as a result. Ongoing investigation into these attacks have resulted in three vulnerabilities being identified and patched by Progress

Critical Flaws Exploited in MOVEit Transfer Data Theft Read More »

Critical RCE Fortinet Flaw May Have Been Exploited

News, Vulnerabilities / Ian Reynolds

A critical remote code execution vulnerability has been patched in the latest Fortigate firmware updates for Fortinet FortiOS, FortiOS-6K7K, and FortiProxy SSL VPN devices. These updates were pushed out last week, however specific details about the critical vulnerability patched was not made available until Monday, when Fortinet published a security advisory detailing fixed versions, and

Critical RCE Fortinet Flaw May Have Been Exploited Read More »

High Severity Cisco Elevation of Privileges Flaw

News, Vulnerabilities / Ian Reynolds

A high severity vulnerability exists within the Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows. This elevation of privileges flaw could enable an attacker to have SYSTEM level privileges to carry out further attacks on vulnerable systems. The Cisco Secure Client and Cisco AnyConnect Secure Mobility Client products

High Severity Cisco Elevation of Privileges Flaw Read More »

Android Update Fixes Critical and Exploited Flaws

News, Vulnerabilities / Ian Reynolds

The Android Security Update for June has been released containing patches for 56 vulnerabilities, 5 of which have been assigned a critical severity rating, and one which is known to be actively exploited. The critical severity flaws patched this month include three remote code execution flaws, CVE-2023-21108 and CVE-2023-21130 are found in the Android System,

Android Update Fixes Critical and Exploited Flaws Read More »

Google Fix Chrome Bug Exploited in the Wild

News, Vulnerabilities / Ian Reynolds

A zero-day vulnerability in Google Chrome that has been exploited in the wild has been fixed through the most recent Stable Channel Update for Desktop. A security bulletin released by Google this week confirms that an exploit for this bug exists, however, detailed exploit and vulnerability information has still not been released by Google in

Google Fix Chrome Bug Exploited in the Wild Read More »

Zyxel Patch Critical Buffer Overflow Vulnerabilities

News, Vulnerabilities / Ian Reynolds

Zyxel firewall and VPN products have been found to contain two critical severity buffer overflow vulnerabilities that could be exploited by unauthenticated attackers. The affected products include ATP, USG FLEX, USG FLEX50(W) and USG20(W)-VPN, VPN, and ZyWall/USG. Zyxel have released a security advisory to inform users of these products about these vulnerabilities, and which patch

Zyxel Patch Critical Buffer Overflow Vulnerabilities Read More »

Critical Flaws in D-View Network Management Suite

News, Vulnerabilities / Ian Reynolds

D-View network management suite, developed by D-Link, has received a security update to patch two critical severity vulnerabilities. D-View can be used to control device configurations, monitor performance, and create network maps, as well as for other administrative network management tasks. These operations require access to devices and network components with high privileges so the

Critical Flaws in D-View Network Management Suite Read More »

Maximum Severity Flaw Patched in GitLab

News, Vulnerabilities / Ian Reynolds

A vulnerability affecting GitLab Community and Enterprise Editions, has been assigned the highest possible CVSS score of 10.0. GitLab is a web-based Git repository used for remote code management by developers and their teams, with approximately 30 million registered users. GitLab have released an emergency security update to address this critical flaw which they advise

Maximum Severity Flaw Patched in GitLab Read More »

News

Critical Vulnerability Patched in Zyxel NAS Devices

ASUS Patch Critical Flaws from 2022 and 2018

Critical Flaws Exploited in MOVEit Transfer Data Theft

Critical RCE Fortinet Flaw May Have Been Exploited

High Severity Cisco Elevation of Privileges Flaw

Android Update Fixes Critical and Exploited Flaws

Google Fix Chrome Bug Exploited in the Wild

Zyxel Patch Critical Buffer Overflow Vulnerabilities

Critical Flaws in D-View Network Management Suite

Maximum Severity Flaw Patched in GitLab

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch