RCE

Malware & Threats

Issued by: Security Week

An end-of-life (EOL) product installed as a plug-in to VMware vCenter Server, NSX-V is a network virtualization solution offering networking and security functionality, including VPN, logical switching and routing, and more. The product is bundled within VMware Cloud Foundation. Last week, VMware announced the availability of patches for CVE-2021-39144 (CVSS score of 9.8), an RCE…

Vulnerabilities

Issued by: Kaspersky Blog

With this August patch Tuesday Microsoft fixed more than a hundred vulnerabilities. Some of the vulnerabilities require special attention from corporate cybersecurity personal. Among them there are 17 critical ones, two of which are zero-days. At least one vulnerability has already been actively exploited in the wild, so it would be wise not to delay…

Vulnerabilities

Issued by: CSO

Security researchers have found several vulnerabilities affecting many models of APC Smart-UPS uninterruptible power supplies that could be exploited to take over the devices. UPS devices are used across many industries to keep mission-critical devices running in case of power loss. “Two of these are remote code execution (RCE) vulnerabilities in the code handling the…

Vulnerabilities

Issued by: Help Net Security

The existence of a critical RCE vulnerability (CVE-2021-3064) affecting certain versions of Palo Alto Networks (PAN) firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. The vulnerability has been patched, but since there are still over 10,000 vulnerable internet-facing…