Blog

A vulnerability in the client update feature of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the upgrade process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20AnyConnect%20Secure%20Mobility%20Client%20Software%20for%20Windows%20and%20Cisco%20Secure%20Client%20Software%20for%20Windows%20Privilege%20Escalation%20Vulnerability&vs_k=1

Security Advisory Description Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable ... More info: https://my.f5.com/manage/s/article/K000134938?utm_source=f5support&utm_medium=RSS

VMware’s Carbon Black Managed Detection and Response (MDR) team began seeing a surge of TrueBot activity in May 2023. TrueBot, otherwise known as Silence.Downloader has been seen since at least 2017. TrueBot is under active development by Silence, with recent versions using a Netwrix vulnerability for delivery. In this article, we will break down what … ContinuedThe post Carbon Black’s TrueBot Detection appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2023/06/carbon-blacks-truebot-detection.html?utm_source=rss&utm_medium=rss&utm_campaign=carbon-blacks-truebot-detection

Security Advisory Description SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. (CVE-2022-35737) More info: https://my.f5.com/manage/s/article/K000130512?utm_source=f5support&utm_medium=RSS

Security Advisory Description urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: ... More info: https://my.f5.com/manage/s/article/K28622040?utm_source=f5support&utm_medium=RSS

Security Advisory Description The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage ... More info: https://my.f5.com/manage/s/article/K63597327?utm_source=f5support&utm_medium=RSS

Security Advisory Description The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the ... More info: https://my.f5.com/manage/s/article/K000132635?utm_source=f5support&utm_medium=RSS

Security Advisory Description The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is ... More info: https://my.f5.com/manage/s/article/K31323265?utm_source=f5support&utm_medium=RSS

Security Advisory Description A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows ... More info: https://my.f5.com/manage/s/article/K54724312?utm_source=f5support&utm_medium=RSS

Security Advisory Description A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490) Impact More info: https://my.f5.com/manage/s/article/K04712583?utm_source=f5support&utm_medium=RSS