+44 (0)203 88 020 88

Menu

Search

Vulnerabilities

Exploit for Critical Auth Bypass Flaw in ArcServe UDP

A critical vulnerability has been discovered in ArcServe Unified Data Protection (UDP) versions 7.0 to 9.0 that can be exploited to bypass authentication on the system. ArcServe UDP is data protection software used for ransomware protection through attack neutralisation, data restoration, and disaster recovery. This authentication bypass vulnerability could result in attackers obtaining admin privileges, […]

Exploit for Critical Auth Bypass Flaw in ArcServe UDP Read More »

Apple Fix Exploited Flaws Used to Deploy Spyware

Three actively exploited vulnerabilities have recently been patched by Apple, two of which have been used to deploy Triangulation spyware onto iOS devices. Russian security firm Kaspersky published a report investigating the use of these vulnerabilities in what they have termed ‘Operation Triangulation’ which involves the implant of TriangleDB (Kaspersky’s term) on vulnerable iOS devices.

Apple Fix Exploited Flaws Used to Deploy Spyware Read More »

Grafana Fix Azure AD Authentication Bypass Flaw

Open-source data analytics and visualisations organisation Grafana have released a new security update for their app that patches a critical severity authorisation bypass flaw. This vulnerability affects Grafana accounts that use Azure Active Directory (AD) for account authentication. The new releases include Grafana versions 10.0.1, 9.5.5, 9.4.13, 9.3.16, 9.2.20, and 8.5.27. Other security fixes are

Grafana Fix Azure AD Authentication Bypass Flaw Read More »

Critical Vulnerability Patched in Zyxel NAS Devices

Zyxel Network Attached Storage (NAS) devices have received a security update to patch a critical severity command injection vulnerability. Devices affected by this flaw include NAS326 models running firmware version V5.21(AAZF.13)C0 or prior, NAS540 models running firmware version V5.21(AATB.10)C0 or prior, and NAS542 models running firmware version V5.21(ABAG.10)C0 or prior. In their security advisory, Zyxel

Critical Vulnerability Patched in Zyxel NAS Devices Read More »

Critical RCE Fortinet Flaw May Have Been Exploited

A critical remote code execution vulnerability has been patched in the latest Fortigate firmware updates for Fortinet FortiOS, FortiOS-6K7K, and FortiProxy SSL VPN devices. These updates were pushed out last week, however specific details about the critical vulnerability patched was not made available until Monday, when Fortinet published a security advisory detailing fixed versions, and

Critical RCE Fortinet Flaw May Have Been Exploited Read More »

High Severity Cisco Elevation of Privileges Flaw

A high severity vulnerability exists within the Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows. This elevation of privileges flaw could enable an attacker to have SYSTEM level privileges to carry out further attacks on vulnerable systems. The Cisco Secure Client and Cisco AnyConnect Secure Mobility Client products

High Severity Cisco Elevation of Privileges Flaw Read More »

Android Update Fixes Critical and Exploited Flaws

The Android Security Update for June has been released containing patches for 56 vulnerabilities, 5 of which have been assigned a critical severity rating, and one which is known to be actively exploited. The critical severity flaws patched this month include three remote code execution flaws, CVE-2023-21108 and CVE-2023-21130 are found in the Android System,

Android Update Fixes Critical and Exploited Flaws Read More »

Zyxel Patch Critical Buffer Overflow Vulnerabilities

Zyxel firewall and VPN products have been found to contain two critical severity buffer overflow vulnerabilities that could be exploited by unauthenticated attackers. The affected products include ATP, USG FLEX, USG FLEX50(W) and USG20(W)-VPN, VPN, and ZyWall/USG. Zyxel have released a security advisory to inform users of these products about these vulnerabilities, and which patch

Zyxel Patch Critical Buffer Overflow Vulnerabilities Read More »

0

No products in the basket.

No products in the basket.