by CIRT Team
Adobe releases out-of-band security update for Adobe Media Encoder
DESCRIPTION Adobe has released an out-of-band security update for Adobe Media Encoder that fixes three ‘Important’ security vulnerabilities. The three vulnerabilities are classified as ‘Information Disclosure,’ which could allow sensitive information to be leaked in the security of the active user. Adobe advises customers to update the vulnerable apps to the latest versions as soon as possible to block attacks attempting to exploit unpatched installations....
Read More
by CIRT Team
Critical Patches Issued for Microsoft Products
DESCRIPTION Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts...
Read More
by CIRT Team
Critical Intel Active Management Technology (ATM) Flaw Allows Privilege Escalation
DESCRIPTION AMT is part of the Intel vPro platform (Intel’s umbrella marketing term for its collection of computer hardware technologies) and is primarily used by enterprise IT shops for remote management of corporate systems. The flaw can be exploited by an unauthenticated attacker on the same network, in order to gain escalated privileges. The issue (CVE-2020-8758), found internally by Intel employees, ranks 9.8 out of...
Read More
by CIRT Team
Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Arbitrary Code Execution
DESCRIPTION Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for arbitrary code execution. PAN-OS is an operating system for Palo Alto Network Appliances. An attacker can exploit this issue by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated remote attacker...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view,...
Read More
by CIRT Team
Multiple Vulnerabilities in Adobe Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager, the most severe of which could allow for arbitrary code execution. Adobe InDesign is a desktop publishing and typesetting software that can be used to create works such as posters, flyers, brochures, magazines, newspapers, presentations, books and ebooks. Adobe FrameMaker is a document processor designed for writing and editing large or...
Read More
by CIRT Team
Multiple Vulnerabilities in SAP Products Could Allow for Arbitrary Code Execution
DESCRIPTION Multiple vulnerabilities have been discovered in SAP products, the most severe of which could allow for arbitrary code execution. SAP is a software company which creates software to manage business operations and customer relations. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to execute code on the affected systems. Depending on the privileges associated with the application,...
Read More
by CIRT Team
Critical Patches Issued for Microsoft Products, September 08, 2020
DESCRIPTION Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
DESCRIPTION Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged...
Read More
