Our newsletter informs you about critical issues across major vendors such as SAP, Microsoft, and more, with risks ranging from privilege escalation to remote code execution. Urgent patches are required. For in-depth information and solutions, access the full report in our newsletter.
🚨 SAP Security Advisory 🚨
Date Published: 15/11/2023
Importance: 5 - Critical
Affected Products: SAP Business One, version 10.0. Check additional products in references.
Description: SAP released several security updates across various products in its monthly statement.
Action: Visit SAP support portal for necessary updates or patches. Refer to the manufacturer's guidelines.
Critical CVEs: Inadequate access control (CVE-2023-31403).
Inadequate access control caused by the product installation process, allowing anonymous users to read and write in the SMB shared folder. Components affected include CR shared folder, Traditional Mobile (attachment path), RSP (log folder logic), Job Service, and BAS (file upload folder). References: SAP Security Updates, Onapsis Blog
🔐 Microsoft Security Update 🔐
Date Published: 15/11/2023
Importance: High - Multiple ratings
Affected Products: Extensive list including .NET Framework, Azure, Microsoft Edge, Office, Windows, and more.
Description: 63 vulnerabilities with 2 rated critical, 48 important, and 13 moderate.
Action: Install the corresponding security updates. Visit Microsoft's page for various update methods.
Critical CVEs: 3 actively exploited zero-day vulnerabilities (CVE-2023-36036, CVE-2023-36033, CVE-2023-36025).
Denial of service, privilege escalation, information disclosure, remote code execution, security feature bypass, identity spoofing. References: Microsoft Security Update Guide, Microsoft Release Notes
⚡ HPE Aruba Access Points Alert ⚡
Date Published: 15/11/2023
Importance: 5 - Critical
Affected Products: ArubaOS, InstantOS across various versions.
Description: 14 vulnerabilities reported, 3 critical, 9 high, and 2 moderate. Possible system integrity compromise and code/command execution.
Action: Update to specified versions or newer.
Critical CVEs: Buffer overflows leading to remote code execution (CVE-2023-45614, CVE-2023-45615, CVE-2023-45616).
Buffer overflows in CLI service and AirWave Client could lead to remote code execution by sending specially crafted packets to UDP ports. References: HPE Support Document
🛠️ AVEVA Operations Control Logger Advisory 🛠️
Date Published: 15/11/2023
Importance: 4 - High
Affected Products: AVEVA SystemPlatform, Historian, Application Server, InTouch, and more.
Description: Two vulnerabilities reported with high and medium severity that could allow privilege escalation or denial of service.
Action: Assess impact based on environment and apply security updates promptly.
Critical CVEs: Privilege escalation (CVE-2023-33873), External control (CVE-2023-34982).
High severity privilege escalation could compromise the target machine completely if exploited in the cloud. References: AVEVA Security Bulletin, CISA Advisory
💻 VMware Cloud Director Appliance Warning 💻
Date Published: 15/11/2023
Importance: 5 - Critical
Affected Products: VMware Cloud Director Appliance version 10.5 updated from 10.4.x or earlier.
Description: Critical vulnerability reported that could allow an attacker to bypass authentication mechanisms.
Action: Apply updates for new installations or previous versions.
Critical CVEs: Authentication bypass (CVE-2023-34060).
Authentication bypass not present in new installations, exploitable via network access to the device. References: VMware Security Advisory
🔧 Rockwell Automation Product Alert 🔧
Date Published: 15/11/2023
Importance: 4 - High
Affected Products: Safety Instrumented System Workstation, ISaGRAF Workbench.
Description: High severity vulnerability that could allow unprivileged local users to overwrite files with malicious programs.
Action: Update to the latest version as specified.
Critical CVEs: File overwrite vulnerability (CVE-2015-9268).
Unsafe links against Version.dll and insecure temporary folder locations in the installer and uninstaller allow file overwrite. References: CISA Advisory
🔒 Intel Data Center Manager Advisory 🔒
Date Published: 15/11/2023
Importance: 5 - Critical
Affected Products: Intel® Data Center Manager, versions prior to 5.2.
Description: Critical vulnerability reported that could allow privilege escalation.
Action: Update Intel® DCM to version 5.2 or later.
Critical CVEs: Privilege escalation (CVE-2023-31273).
Security vulnerability in Intel® DCM could lead to privilege elevation. References: Intel Security Advisory, Intel Security Center
📊 Conclusion: This month's cybersecurity landscape shows a critical need for immediate action. We've seen critical vulnerabilities across major vendors like SAP, Microsoft, HPE, AVEVA, VMware, Rockwell Automation, and Intel, with the potential for privilege escalation, remote code execution, authentication bypass, and more. The common thread? The urgent need for patching and updating systems. Stay vigilant and patch promptly! 🛡️🔐