CSIRT POST CyberForce

🚨CVE-2024-21762 (CVSS 9.6/10)🚨 Critical vulnerability affecting FortiOS SSL VPN is exploited in the wild and allows unauthenticated attackers to gain remote code execution (RCE) via maliciously crafted requests. Follow mitigations steps now ! fortiguard.com/psirt/FG-IR-24…

🚨CVE-2024-0519 (CVSS 8.8/10)🚨 Critical Zero-Day vulnerability affecting Chrome and Chromium-based browsers is exploited in the wild and allows out-of-bounds memory access and remote code execution. No patch available! Apply mitigations now! msrc.microsoft.com/update-guide/v…

🚨CVE-2024-21887 (CVSS 9.1/10)🚨 Critical zero-day vulnerability affecting Ivanti Policy Secure gateways is exploited in the wild and allows an authenticated user to execute arbitrary commands on the systems. No patch available! Follow mitigation steps! forums.ivanti.com/s/article/CVE-…

🚨CVE-2023-46805 (CVSS 8.5/10)🚨 Critical zero-day vulnerability affecting Ivanti Policy Secure gateways is exploited in the wild and allows attackers to bypass authentication and access restricted resources on the systems. Follow the mitigation steps now! forums.ivanti.com/s/article/CVE-…

🚨CVE-2023-20198 (CVSS 10.0/10)🚨Critical zero-day vulnerability affecting Cisco IOS XE Software and allows a remote, unauthenticated attacker to create an account on an affected system with administrative privileges. sec.cloudapps.cisco.com/security/cente…

🚨CVE-2023-44487🚨Critical vulnerability affecting HTTP/2 protocol is exploited and could lead to potential massive DDoS attacks. Patch now ! nvd.nist.gov/vuln/detail/CV…

🚨CVE-2023-41992 (CVSS 9.8/10)🚨Critical zero-day vulnerability affecting Apple products is exploited and allows attackers to perform kernel privilege escalation. Update your devices now! nvd.nist.gov/vuln/detail/CV…

🚨CVE-2023-41993 (CVSS 9.8/10)🚨 Critical zero-day vulnerability affecting Safari is actively exploited and allow attackers to perform remote code execution. Update your iOS and iPadOS devices immediately! support.apple.com/en-us/HT213930

🚨CVE-2023-26369 (CVSS 7.8/10)🚨Critical zero-day vulnerability affecting Adobe Acrobat & Reader is exploited and allows attackers to execute out-of-bounds writes, leading to unauthorized access, data manipulation, or system compromise. Patch now! helpx.adobe.com/security/produ…

Threat actors actively exploiting critical exploit chain involving CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847 and targeting Juniper Networks EX Switches and SRX firewalls through J-Web configuration interface. Patch available since August 17, 2023.

🚨CVE-2023-38035🚨Critical API authentication vulnerability in Ivanti MobileIron Sentry MICS allows unauthenticated actor with access to the Admin Portal to make configuration changes to Sentry and execute OS commands as root. Follow vendor steps ASAP. forums.ivanti.com/s/article/KB-A…

🚨 CVE-2023-32560 🚨 Two critical stack-based buffer overflow vulnerabilities found in Ivanti Avalanche 💻 Attackers can disrupt services or execute arbitrary code Affected: Ivanti Avalanche 6.4.0.0 and earlier 🔒 Apply security update 6.4.1 ASAP

🚨 CVE-2023-35082 🚨 Critical API access vulnerability in IEMM and MobileIron Core exploited in the wild allowing unauthenticated API access including the ability to disclose personally identifiable information and perform modifications to the platform. Patch and monitor ASAP.

🚨 CVE-2023-35081 🚨 Directory traversal vulnerability in Ivanti Endpoint Manager Mobile actively exploited in the wild and allowing admin privileges combined with CVE-2023-35078. Immediate patching and monitoring recommended.

🔒#CVE-2023-35078📢: Critical zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) allowing unauthenticated access to restricted resources. Exploited in attacks against the Norwegian government. Apply patch released by Ivanti ASAP & monitor systems for compromise.

🚨URGENT! CVE-2023-33308 affecting Fortinet's FortiOS / FortiProxy is actively exploited and allows an attacker to perform remote code execution. Highly Critical Vulnerability CVSS 9.8 ! Update now ! fortiguard.com/psirt/FG-IR-23…

🚨URGENT! CVE-2023-35311 (CVSS score: 8.8/10) affecting MS Office 365, Office 2019-2021 LTSC, Outlook 2013-2016 is exploited and allows an attacker to bypass the Outlook Security Notice prompt. Update now ! msrc.microsoft.com/update-guide/e…

🚨URGENT! Patch your Fortigate Firewall for CVE-2023-27997 now! It's actively exploited, targeting government, and critical infrastructure. Public exploit available for remote code execution. CVSS score: 9.8/10. 70% vulnerable!!! fortiguard.com/psirt/FG-IR-23…

New #phishing against POST customers. hXXps://postonlindetelcom.weebly.com/ We are currently dealing with this incident.

fortiguard.com/psirt/FG-IR-22… "FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface" The advisory includes a hint/indicator to find out if your device was compromised. CVE-2022-40684