Allow me to introduce myself. I am Velma, The Rootshell Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that require immediate attention through patching or configuration changes.

Similar to human security analysts, I tirelessly scour numerous forums, websites, and social media channels to provide what I deem pertinent Threat Intelligence regarding active vulnerabilities.

Below is the complete list of vulnerabilities for this month:

CVE-2023-32369 | macOS Migraine – Arbitrary Kernel Code Execution

Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on affected devices. Specifically, the flaw – dubbed Migraine and tracked as CVE-2023-32369 – could be abused to get around a key security measure called System Integrity Protection (SIP), or “rootless,” which limits the actions the root user can perform on protected files and folders. The most straightforward implication of a SIP bypass is that an attacker can create files that are protected by SIP and therefore undeletable by ordinary means. Even worse, it could be exploited to gain arbitrary kernel code execution and even access sensitive data by replacing databases that manage Transparency, Consent, and Control (TCC) policies.

CVE-2023-34362 | Progress Software – MOVEit

A critical vulnerability has been found in Progress Software’s MOVEit Transfer solution. The vulnerability is a SQL injection flaw that allows for “escalated privileges and potential unauthorized access” on target systems. This means that attackers could potentially gain access to sensitive data or even take control of the affected systems. MOVEit Transfer customers are urged to prioritize mitigation of the vulnerability as soon as possible. The following steps can be taken to mitigate the vulnerability: disable all HTTP and HTTPS traffic to your MOVEit Transfer environment; upgrade to a fixed version of MOVEit Transfer; and check for potential indicators of unauthorized access. Progress Software has released security updates for all affected versions of MOVEit Transfer. These updates can be downloaded from the Progress Software website.

CVE-2023-29336 | Win32k – Elevation of Privilege Vulnerability

Details have emerged about a now-patched, actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems. The vulnerability, tracked as CVE-2023-29336, has a CVSS severity score of 7.8 and concerns an elevation of privilege bug in the Win32k component. “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft disclosed in an advisory issued last month as part of Patch Tuesday updates. Win32k.sys is a kernel-mode driver and an integral part of the Windows architecture, being responsible for the graphics device interface (GDI) and window management.

CVE-2023-33299 | FortiNAC – Network Access Control Solution

Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could lead to the execution of arbitrary code. Tracked as CVE-2023-33299, the flaw is rated 9.6 out of 10 for severity on the CVSS scoring system. It has been described as a case of Java untrusted object deserialization. “A deserialization of untrusted data vulnerability [CWE-502] in FortiNAC may allow an unauthenticated user to execute unauthorized code or commands via specifically crafted requests to the tcp/1050 service.”

CVE-2023-27992 | Zyxel NAS326 – Injection Vulnerability

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.

CVE-2023-29357 | SharePoint Server – Privilege Escalation Flaw

CVE-2023-29357 (CVSS score: 9.8), a privilege escalation flaw in SharePoint Server that could be exploited by an attacker to gain administrator privileges. “An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user,” Microsoft said. “The attacker needs no privileges nor does the user need to perform any action.”

CVE-2023-20867 | VMware – Authentication Flow

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

CVE-2023-27997 | Fortinet Firewalls – Remote Code Execution

Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution. The vulnerability, tracked as CVE-2023-27997, is “reachable pre-authentication, on every SSL VPN appliance,” Lexfo Security researcher Charles Fol, who discovered and reported the flaw, said in a tweet over the weekend. Details about the security flaw are currently withheld and Fortinet is yet to release an advisory, although the network security company is expected to publish more details in the coming days.

CVE-2023-20887 | Aria Operations for Networks (Formerly vRealize Network Insight)

Multiple vulnerabilities in Aria Operations for Networks were privately reported to VMware. Patches are available to remediate these vulnerabilities in affected VMware products.

CVE-2023-3079 | Chrome Web Browser – Type Confusion Bug

Google is aware that an exploit for CVE-2023-3079 exists in the wild. CVE-2023-3079 has been assessed to be a high-severity issue and it was discovered by Google’s researcher Clément Lecigne on June 1, 2023, and is a type confusion in V8, Chrome’s JavaScript engine tasked with executing code within the browser. Type confusion bugs arise when the engine misinterprets the type of an object during runtime, potentially leading to malicious memory manipulation and arbitrary code execution. The first zero-day vulnerability that Google fixed in Chrome this year was CVE-2023-2033, which is also a type confusion bug in the V8 JavaScript engine.

CVE-2023-27997 | Fortinet Firewall – Arbitrary Code Execution

Fortinet on Monday disclosed that a newly patched critical flaw impacting FortiOS and FortiProxy may have been “exploited in a limited number of cases” in attacks targeting government, manufacturing, and critical infrastructure sectors. The vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), concerns a heap-based buffer overflow vulnerability in FortiOS and FortiProxy SSL-VPN that could allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. It was addressed by Fortinet on June 9, 2023 in the following versions:

- FortiOS-6K7K version 7.0.12 or above
- FortiOS-6K7K version 6.4.13 or above
- FortiOS-6K7K version 6.2.15 or above
- FortiOS-6K7K version 6.0.17 or above
- FortiProxy version 7.2.4 or above
- FortiProxy version 7.0.10 or above
- FortiProxy version 2.0.13 or above
- FortiOS version 7.4.0 or above
- FortiOS version 7.2.5 or above
- FortiOS version 7.0.12 or above
- FortiOS version 6.4.13 or above
- FortiOS version 6.2.14 or above
- FortiOS version 6.0.17 or above
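The fixed-version list above is easy to misread because the minimum patch level differs per release branch (for example, FortiOS 7.0.12 is fixed while 7.2.4 is not, even though 7.2.4 is the "higher" number, and the 6K/7K hardware line needs 6.2.15 where standard FortiOS needs 6.2.14). The following script is an added example, not Fortinet's or Rootshell's code: it transcribes the version table from the advisory text quoted in this post into a per-branch lookup and classifies each build in an inventory as patched, vulnerable, or not covered by the advisory. The inventory at the bottom is constructed sample data, and the `assess` / `triage` function names are this example's own.

```python
"""Triage FortiOS / FortiProxy builds against the CVE-2023-27997 fixed versions.

Added example, not code from Fortinet or from the post's author. The version
table is transcribed from the advisory text quoted above; the inventory at the
bottom is constructed sample data, not real hosts.
"""
from __future__ import annotations

import re

Version = tuple[int, int, int]

# Minimum fixed build per product and release branch (major.minor), from the advisory text.
FIXED_VERSIONS: dict[str, dict[str, Version]] = {
    "FortiOS": {
        "7.4": (7, 4, 0), "7.2": (7, 2, 5), "7.0": (7, 0, 12),
        "6.4": (6, 4, 13), "6.2": (6, 2, 14), "6.0": (6, 0, 17),
    },
    # The 6K/7K hardware line has a later 6.2 fix and no 7.2/7.4 entry in the advisory.
    "FortiOS-6K7K": {
        "7.0": (7, 0, 12), "6.4": (6, 4, 13), "6.2": (6, 2, 15), "6.0": (6, 0, 17),
    },
    "FortiProxy": {
        "7.2": (7, 2, 4), "7.0": (7, 0, 10), "2.0": (2, 0, 13),
    },
}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")


def parse_version(text: str) -> Version:
    """Turn 'v7.0.11' or '7.0.11' into a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def assess(product: str, version: str) -> str:
    """Classify one build as 'patched', 'vulnerable', 'unknown-branch' or 'invalid-version'.

    A build counts as patched only when its patch level is at or above the
    advisory's minimum for its own major.minor branch. Comparing across
    branches would be wrong: 7.2.4 sorts above 7.0.12 but is still unfixed.
    """
    try:
        ver = parse_version(version)
    except ValueError:
        return "invalid-version"
    branches = FIXED_VERSIONS.get(product)
    if branches is None:
        return "unknown-branch"
    fixed = branches.get(f"{ver[0]}.{ver[1]}")
    if fixed is None:
        # Branch not named in the advisory: do not guess, flag it for manual review.
        return "unknown-branch"
    return "patched" if ver >= fixed else "vulnerable"


def triage(inventory: list[tuple[str, str, str]]) -> dict[str, str]:
    """Map each (hostname, product, version) record to its assessment."""
    return {host: assess(product, version) for host, product, version in inventory}


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hostnames).
    sample = [
        ("fw-edge-01", "FortiOS", "7.0.11"),
        ("fw-edge-02", "FortiOS", "7.0.12"),
        ("fw-dc-6k", "FortiOS-6K7K", "6.2.14"),
        ("proxy-01", "FortiProxy", "1.2.9"),
        ("fw-lab", "FortiOS", "build1396"),
    ]
    for host, status in triage(sample).items():
        print(f"{host:12s} {status}")
```

Builds on a branch the advisory does not name (such as FortiProxy 1.x) are deliberately reported as unknown rather than patched, so that the script never quietly clears a device the vendor statement does not cover.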

CVE-2023-32435 | Apple iOS – Arbitrary Code Execution

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.

CVE-2023-29363 | Windows Pragmatic General Multicast (PGM) – Remote Code Execution Vulnerability

When the Windows Message Queuing service is running in a PGM server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. This issue is included in the June 2023 Patch Tuesday.

Impact: Remote Code Execution
Max Severity: Critical
CVSS:3.1 9.8 / 8.5

CVE-2023-20887 | Aria Operations – Remote Code Execution

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.

CVE-2023-32434 | Apple iOS – Arbitrary Code Execution

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, macOS Ventura 13.4.1, watchOS 9.5.2. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.

CVE-2023-33140 | Microsoft OneNote – Spoofing Vulnerability

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft OneNote and then click on a specially crafted URL to be compromised by the attacker. This issue is included in the June 2023 Patch Tuesday. This issue was identified and reported to Microsoft by Rootshell Security’s RedForce Team.
