Center for Internet Security

A vulnerability has been discovered in Microsoft Windows Server Update Services (WSUS) which could allow for remote code execution. WSUS is a tool that helps organizations manage and distribute Microsoft updates across multiple computers. Instead of every PC downloading updates from Microsoft’s servers, WSUS downloads the updates and stores them, then distributes them to all computers on the network that connect to it. Successful exploitation of the vulnerability could allow an attacker to gain full control of the WSUS server and distribute malicious updates to client devices.

Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.

Multiple vulnerabilities have been discovered in Ivanti products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system.Ivanti Endpoint Manager is a client-based unified endpoint management software.Ivanti Endpoint Manager Mobile (Ivanti EPMM) is a mobile management software engine that enables mobile device, application, and content management.Ivanti Neurons for Mobile Device Management (MDM) is a platform designed to streamline the management and security of mobile devices across various operating systems.Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.*Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.Mozilla Thunderbird ESR is a version of the email client intended to be deployed in large organizations.Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Connect is a software suite for online collaboration.Adobe Commerce is an enterprise-grade eCommerce platform that provides tools for creating and managing online stores for both B2B and B2C businesses.Magento Open Source is a free, downloadable eCommerce platform from Adobe that provides the core tools to create and manage an online store.Adobe Creative Cloud is a subscription service that provides access to Adobe’s suite of creative software applications.Adobe Bridge is a digital asset management and file browser for Creative Cloud applications.Adobe Animate is a multimedia creation tool used for designing interactive animations.Adobe Experience Manager (AEM) is a comprehensive content management and digital asset management system.Adobe Substance 3D Viewer is a free, standalone desktop application (currently in beta) designed to help designers and artists visualize and work with 3D models, textures, and materials.Adobe Substance 3D Modeler is a sculpting and 3D modeling application within Adobe’s Substance 3D suite that combines virtual reality (VR) and desktop experiences for natural, gestural creation of 3D models.Adobe FrameMaker is an authoring and publishing application primarily used for creating and managing long, complex technical and structured documents.Adobe Illustrator is used for creating vector-based graphics like logos, icons, and illustrations that can be scaled to any size without losing quality.Adobe Dimension is a 3D design application for creating photorealistic product mockups, brand visualizations, and other 3D graphics.Adobe Substance 3D Stager is a professional software for creating and rendering 3D scenes to produce photorealistic images. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights 

A vulnerability has been discovered in Oracle E-Business Suite, which could allow for remote code execution. Oracle E-Business Suite (EBS) is a comprehensive suite of integrated business applications that runs core enterprise functions. Successful exploitation of this vulnerability could allow an actor to execute code in the context of the affected component. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Multiple vulnerabilities have been discovered in VMware Aria Operations and VMware Tools, the most severe of which could allow for privilege escalation to root. VMware Aria is a multi-cloud management platform that provides automation, operations, and cost management for applications and infrastructure across private, public, and hybrid cloud environments. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation to root. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. Cisco is a leading technology company best known for its networking hardware and software, such as routers and switches, that form the backbone of the internet and enterprise networks. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution as root, which may lead to the complete compromise of the affected device.

A vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and extensible build system designed for managing monorepos efficiently by providing features like dependency graph analysis, computation caching, distributed task execution, and codebase upgrades. Successful exploitation of this vulnerability could allow an attacker to perform network reconnaissance and leak sensitive data.