Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...

Read More

0
16 Jun 2021
in Security Advisories & Alerts

UPDATED – Critical Patches Issued for Microsoft Products, June 8, 2021

DESCRIPTION:There are six zero-day vulnerabilities that Microsoft has tracked asbeing actively exploited which include CVE-2021-33742, CVE-2021-33739,CVE-2021-31199, CVE-2021-31201, CVE-2021-31955 and CVE-2021-31956. IMPACT:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution. A full list of all vulnerabilities can be found at the link below:https://msrc.microsoft.com/update-guide/en-us Successful exploitation of the most severe of these vulnerabilitiescould result in an attacker gaining...

Read More

0
15 Jun 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in SAP Products Could Allow for Remote Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in SAP products, the mostsevere of which could allow for remote code execution. SAP is a softwarecompany which creates software to manage business operations andcustomer relations. Successful exploitation of the most severe of thesevulnerabilities could allow an unauthenticated, remote attacker toexecute code on the affected systems. Depending on the privilegesassociated with the application, an attacker could then installprograms; view, change,...

Read More

0
15 Jun 2021
in Security Advisories & Alerts

UPDATED – Multiple Vulnerabilities in VMware vCenter Server Could Allow for Remote Code Execution

DESCRIPTION:Threat intelligence firm Bad Packets has reported that hackers areactively scanning the Internet for VMware vCenter servers vulnerableagainst a critical RCE flaw recently fixed by VMware. IMPACT:Multiple vulnerabilities have been discovered in VMware vCenter Server,which could result in remote code execution. Details of thesevulnerabilities are as follows: * A remote code execution vulnerability in vCenter Server which enablesa malicious actor to execute commands with unrestricted...

Read More

0
15 Jun 2021
in Security Advisories & Alerts

Critical Patches Issued for Microsoft Products, June 8, 2021

DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...

Read More

0
15 Jun 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in Cisco Webex Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Webex NetworkRecording Player and Cisco Webex Player that could allow for arbitrarycode execution. The Webex meeting service is a hosted multimediaconferencing solution that is managed and maintained by Cisco Webex. TheWebex Network Recording Player is an application that is used to convertWebex recording files to standard formats such as Windows Media Video,Flash or MP4. The Webex Player is...

Read More

0
15 Jun 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox,Firefox Extended Support Release (ESR) and Mozilla Firefox for iOS, themost severe of which could allow for arbitrary code execution. MozillaFirefox is a web browser used to access the Internet. Mozilla FirefoxESR is a version of the web browser intended to be deployed in largeorganizations. Mozilla Firefox for iOS is a web browser used to accessthe Internet on...

Read More

0
15 Jun 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...

Read More

0
09 Jun 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in VMware vCenter Server Could Allow for Remote Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in VMware vCenter Server,the most severe of which could allow for remote code execution. VMwarevCenter Server is a centralized management utility for VMware, and isused to manage virtual machines, multiple ESXi hosts, and all dependentcomponents from a single centralized location. Successful exploitationof these vulnerabilities could allow an attacker to execute remote codein context of the user running the application. IMPACT:Multiple...

Read More

0
09 Jun 2021
in CVE, Security Advisories & Alerts

CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution

Description: The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. Impacted Products:VMware vCenter Server (vCenter...

Read More

0
07 Jun 2021
Page 9 of 11« First...7891011