Fortinet Releases June 2023 Vulnerability Advisories
Fortinet has released its June 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the Fortinet June 2023 Vulnerability Advisories page for more information and apply the necessary updates.
Microsoft Releases June 2023 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Microsoft’s June 2023 Security Update Guide and Deployment Information and apply the necessary updates.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2023-27997 Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which sorts the catalog by date in descending order.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Cisco Releases Security Advisories for Multiple Products
Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following advisories and apply the necessary updates:
Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows Privilege Escalation Vulnerability cisco-sa-ac-csc-privesc-wx4U4Kw
Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities cisco-sa-expressway-priv-esc-Ls2B9t7b
Cisco Unified Communications Manager IM & Presence Service Denial of Service Vulnerability cisco-sa-cucm-imp-dos-49GL7rzT
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 2100 Series Appliances SSL/TLS Denial of Service Vulnerability cisco-sa-asaftd-ssl-dos-uu7mV5p6
Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Stored Cross-Site Scripting Vulnerability cisco-sa-smb-sxss-OPYJZUmE
Cisco Unified Communications Manager Denial of Service Vulnerability cisco-sa-cucm-dos-4Ag3yWbD
Cisco Secure Workload Authenticated OpenAPI Privilege Escalation Vulnerability cisco-sa-csw-auth-openapi-kTndjdNX
For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
CISA Issues BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces
Today, CISA issued Binding Operational Directive (BOD) 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces, requiring Federal Civilian Executive Branch (FCEB) agencies to reduce risks posed by internet-exposed networked management interfaces on federal information systems. This Directive applies to dedicated device interfaces that are accessible over network protocols and are meant exclusively for authorized users to perform administrative activities on a device, a group of devices, or the network itself.
Agencies must be prepared to remove identified networked management interfaces from exposure to the internet, or protect them with Zero-Trust capabilities that implement a policy enforcement point separate from the interface itself. CISA will monitor and support agency adherence, providing additional resources as needed. FCEB agencies should contact CISA at cyberdirectives@cisa.dhs.gov for additional information.
While BOD 23-02 strictly applies to FCEB agencies, this threat extends to every sector. CISA recommends all stakeholders review and adopt this guidance.
Massive Phishing Campaign Impersonates Well-Known Brands

A recent investigation conducted by Bolster has uncovered a previously unknown campaign impersonating popular clothing, footwear and apparel brands. According to the investigation, more than one hundred brands are being impersonated, including Nike, Puma, Crocs and Caterpillar, among many others. The impersonation campaign is estimated to have been […]
