Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from September that should be immediately patched or addressed if present in your environment. Detailed writeups below:
CVE-2023-41993
This vulnerability, rated at a critical NIST CVSSv3 score of 9.8/10, pertains to the handling of web content in Safari, iOS, iPadOS, and macOS Sonoma. Processing web content posed a risk of arbitrary code execution, a concern that Apple addressed through enhanced checks. The issue is resolved in Safari 17, iOS 16.7, iPadOS 16.7, and macOS Sonoma 14. Notably, there have been reports of active exploitation targeting iOS versions prior to 16.7.
CVE-2023-38205
Adobe ColdFusion versions 2018u18 and earlier, 2021u8 and earlier, and 2023u2 and earlier are affected by an Improper Access Control vulnerability. This vulnerability, rated at a high NIST CVSSv3 score of 7.5/10, could potentially lead to a Security feature bypass, allowing attackers to access the administration CFM and CFC endpoints. Importantly, exploitation of this issue does not necessitate user interaction.
CVE-2023-5174
This critical vulnerability exclusively impacts Firefox on Windows under non-standard configurations, such as ‘runas.’ With a NIST CVSSv3 score of 9.8/10, it stems from a situation where Windows fails to duplicate a handle during process creation, inadvertently leading to a use-after-free scenario. It’s essential to note that this bug does not affect other operating systems. This vulnerability can result in a potentially exploitable crash. It is relevant to Firefox versions less than 118, Firefox ESR versions less than 115.3, and Thunderbird versions less than 115.3.
CVE-2023-4760
In Eclipse RAP versions from 3.0.0 to 3.25.0, a critical vulnerability exists that permits Remote Code Execution on Windows when utilizing the FileUpload component. This vulnerability is attributed to an insecure extraction of file names within the FileUploadProcessor.stripFileName(String name) method. When a forward slash (/) is detected in the path, everything preceding it is removed, but potentially present backslashes () are retained. This flaw allows for the upload and execution of malicious files, posing a significant threat. An illustrative example is the upload of a file with the name /….\webapps\shell.war, which under Windows is saved as ….\webapps\shell.war in the webapps directory and can subsequently be executed. The NIST CVSSv3 score for this vulnerability is 9.8/10.
CVE-2023-2262
A critical vulnerability with a NIST CVSSv3 score of 9.8/10 exists in Rockwell Automation select 1756-EN* communication devices. This vulnerability is characterized by a buffer overflow, which, if exploited, could enable a threat actor to perform remote code execution. To exploit this vulnerability, a maliciously crafted CIP request must be sent to the device. The consequences of this vulnerability are severe, as successful exploitation could result in unauthorized access, control, or manipulation of these industrial devices, potentially leading to operational disruptions and damage.
Conclusion:
In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.
How Can Netizen Help?
Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Questions or concerns? Feel free to reach out to us any time –
https://www.netizen.net/contact
