
Citrix fixed two actively exploited zero-day vulnerabilities impacting NetScaler ADC and Gateway appliances.
Citrix warns customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, impacting NetScaler ADC and Gateway appliances.
Exploits of these CVEs on unmitigated appliances have been observed. Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions as soon as possible.
Analysis from our SOC team
The vulnerabilities impact the management interface of NetScaler ADC and NetScaler Gateway. If your management interface is exposed to the internet (which is not best practice), make sure to update your systems ASAP.
Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw.
Analysis from our SOC team
These security issues allow an attacker to access out-of-bounds memory, potentially accessing secrets both inside and outside Chrome's boundaries.
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction.
Analysis from our SOC team
This GitLab vulnerability has been assigned the maximum severity score on the CVSS scoring system, is easy to exploit, and allows an attacker to take over any GitLab account without requiring any user interaction.
If you use GitLab, you must upgrade as soon as possible to avoid any impact on your code.
If you have a vulnerable GitLab server running, make sure to hunt for potential exploitation, even after having applied patches. Do not hesitate to contact our SOC if you need help in doing so.
Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server, tracked as CVE-2023-22527 (CVSS score 10.0).
The vulnerability is a template injection vulnerability that can allow remote attackers to execute arbitrary code on vulnerable Confluence installs.
The flaw affects Confluence Data Center and Server versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0 through 8.5.3.
Analysis from our SOC team
As per Atlassian's recommendation, if you use Confluence Server or Confluence Data Center, make sure to upgrade to the latest version.
This vulnerability is being exploited in the wild. If you have a vulnerable Confluence server running, make sure to hunt for potential exploitation.
Do not hesitate to contact our SOC if you need help in doing so.
This new vulnerability (CVE-2023-41056) in Redis can, in some cases and with a certain sequence of payloads, lead to Remote Code Execution (RCE). The impact on confidentiality, integrity and availability is high. The attack complexity is high, and no privileges or user interaction are required to exploit the vulnerability.
Analysis from our SOC team
Redis is an in-memory database that persists on disk and is used by several applications. If you have applications leveraging Redis, we advise you to update it as soon as possible. The problem is present in Redis 7.0.9 until 7.0.15 and Redis 7.2.0 until 7.2.4.