Cyber Morning Call - #462 - 12/01/2024

[Referências do Episódio] KB CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure Gateways - https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN - https://www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/  2024-01 Security Bulletin: Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash (CVE-2024-21611) - https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-jflow-scenario-continuous-route-churn-will-cause-a-memory-leak-and-eventually-an-rpd-crash-CVE-2024-21611?language=en_US   Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-unauth-afu-FROYsCsD  Weaponizing Apache OFBiz CVE-2023-51467 - https://vulncheck.com/blog/ofbiz-cve-2023-51467  Siemens SIMATIC CN 4100 - https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-09  Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

There are no comments yet.

Please log in to write the first comment.