VMware Carbon Black App Control Remote Code Execution Vulnerability (CVE-2023-20858) Notification
fevereiro 27, 2023
Overview Recently, NSFOCUS CERT found that VMware has officially fixed an App Control injection vulnerability (CVE-2023-20858). Due to flaws in product verification of user-input content, attackers with App Control management console permissions can access the underlying server operating system by entering specially crafted data, and ultimately achieve arbitrary code execution on the target system. The […]
Joomla Unauthorized Access Vulnerability (CVE-2023-23752) Notice
fevereiro 24, 2023
Overview Recently, Joomla officially released a security update notice to fix a Joomla unauthorized access vulnerability (CVE-2023-23752), which was submitted by a researcher of NSFOCUS Tianji Lab. Due to flaws in Joomla’s access control to Web service endpoints, unauthenticated attackers access the RestAPI interface to obtain Joomla-related configuration information by constructing specially crafted requests, which […]
ESXiArgs Ransomware Attack Event Analysis
fevereiro 23, 2023
The French Computer Emergency Response Team (CERT-FR) warned that [1] an attacker exploited a two-year-old remote code execution vulnerability in VMware ESXi server to deploy new ESXiArgs ransomware. The security vulnerability number is CVE-2021-21974 [2] and it is caused by a heap overflow vulnerability in the OpenSLP service. Unauthenticated attackers can use this vulnerability to […]
Fortinet Multiple Product Security Vulnerability Alerts
fevereiro 22, 2023
Overview Recently, NSFOCUS CERT found that Fortinet officially released a security notice, which fixed multiple Fortinet product vulnerabilities. The key vulnerabilities are as follows: FortiNAC keyUpload remote code execution vulnerability (CVE-2022-39952): Due to a flaw in the keyUpload script of FortNAC, an unauthenticated attacker can execute arbitrary code on the target system by sending a […]
Microsoft’s February security update for multiple high-risk product vulnerabilities
fevereiro 20, 2023
Overview On February 15, NSFOCUS CERT monitored that Microsoft had released a security update patch for February, which fixed 75 security issues, involving widely-used products such as Microsoft Exchange Server, Microsoft Word, Windows Graphics Component, Microsoft Publisher, etc., including high-risk vulnerability types such as privilege enhancement and remote code execution. Among the vulnerabilities fixed in […]
Key Technologies for Software Supply Chain Security—Techniques for Generating and Using the List of Software Compositions (Part 2)
fevereiro 17, 2023
Key Technologies for Software Supply Chain Security—Techniques for Generating and Using the List of Software Compositions (Part 1) Analysis Tools of List of Software Compositions According to the classification by the LINUX Foundation [1], SBOM tools are grouped into three categories, namely, to produce, consume and transform. Each category has three functions. For the producing […]
Introduction to NSFOCUS WAF REST API
fevereiro 17, 2023
WAF REST API is known as the secondary development interface, and can be called by third-party platforms/software for adding, deleting, modifying, and querying WAF as wells its site, policy, and other configurations. Basic Conventions Format conventions: WAF REST API requests and responses are in JSON format: The attribute (primary key) name and character string of […]
Key Technologies for Software Supply Chain Security—Techniques for Generating and Using the List of Software Compositions (Part 1)
fevereiro 13, 2023
The list of software compositions and the software bill of materials (SBOM) are different in the requirements for the granularity of the “minimum elements” of the software, without a substantial difference in technical ideas and implementation steps. Considering the relatively mature SBOM generation tools and techniques, this document focuses on various key SBOM techniques and […]
IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2023-23477) Notice
fevereiro 10, 2023
Overview Recently, NSFOCUS CERT found that IBM officially fixed a remote code execution vulnerability in WebSphere Application Server (CVE-2023-23477). Due to the flaw in WebSphere Application Server’s validation of the data entered by users, under certain conditions, unauthenticated remote attackers can finally execute arbitrary code on the target server by constructing malicious serialized data. The […]
Protecting IoT Ecology and Building a Secure Future for Smart Cities
fevereiro 10, 2023
Smart city is a multi-disciplinary, multi-field, highly integrated large-scale system. One of the core components of the intelligent system of smart city is the Internet of Things (IoT), which drives the technologies that enable the perception of, as well as interaction and coordination with the physical world by the digital world. It is one of […]
