Featured Story
Citrix Patches Two Actively Exploited Zero-Days
Citrix urges customers to patch CVE-2023-6548 and CVE-2023-6549 affecting NetScaler ADC and Gateway appliances. Exploitation in the wild has already been observed.
Analysis from our SOC team:
If your management interface is exposed to the internet (which is not best practice), patch your systems immediately to prevent exploitation.
If your management interface is exposed to the internet (which is not best practice), patch your systems immediately to prevent exploitation.
Other Highlights
Google Chrome – Zero-Day Fix
Google released urgent patches for four Chrome vulnerabilities, including an actively exploited out-of-bounds memory flaw.
Analysis from our SOC team:
Attackers may gain access to sensitive data both inside and outside the Chrome sandbox. Update Chrome immediately.
Attackers may gain access to sensitive data both inside and outside the Chrome sandbox. Update Chrome immediately.
GitLab – Critical Account Takeover Vulnerability
A critical vulnerability in GitLab allows remote takeover of accounts without user interaction. Assigned CVSS 10.
Analysis from our SOC team:
Upgrade GitLab immediately and check for signs of prior compromise. Reach out to us for incident response or hunting support.
Upgrade GitLab immediately and check for signs of prior compromise. Reach out to us for incident response or hunting support.
Atlassian Confluence – CVSS 10 RCE Exploit
Atlassian has fixed CVE-2023-22527, a template injection vulnerability affecting older versions of Confluence Server/Data Center (8.0.x to 8.5.3).
Analysis from our SOC team:
If you’re using a vulnerable version, patch immediately and investigate potential signs of compromise. This flaw is being actively exploited in the wild.
If you’re using a vulnerable version, patch immediately and investigate potential signs of compromise. This flaw is being actively exploited in the wild.
Redis – High-Impact Remote Code Execution Vulnerability
CVE-2023-41056 affects Redis versions 7.0.9–7.0.15 and 7.2.0–7.2.4. An attacker can achieve remote code execution without needing privileges or interaction.
Analysis from our SOC team:
If your applications use Redis, update immediately to prevent RCE scenarios. Redis is widely embedded in modern stacks and must not be overlooked.
If your applications use Redis, update immediately to prevent RCE scenarios. Redis is widely embedded in modern stacks and must not be overlooked.
Want to enhance your organization’s cyber awareness or compliance strategy? Contact the Approach Cyber SOC team for tailored support and training programs.
