Rampant Cybersecurity Bulletin
August 2017
Latest High Risk Vulnerabilities
You should be aware of the following vulnerabilities, and we recommend patching them immediately if they apply to your systems. Click titles below for more details.
Microsoft Edge Privilege Escalation
Microsoft Windows Hyper-V code Execution
Cisco DPC3939 Privilege Escalation
Linux Kernel Privilege Escalation
Cisco Virtual Network Function Element Manager Command Execution
Apache Subversion svn+ssh:// URL command execution
Zend Framework Cross-Site Request Forgery
Reported: August 25, 2017
Affected Products:
Zend Framework versions: 2.3.0-2.3.3
Details: Zend Framework is vulnerable to an attack that is caused by improper validation of user-supplied input. An attacker can remotely send null or malformed token identifiers to perform unauthorized actions.
Solution: Refer to ZF2015-03 for relevant patch and workaround information.
References:
Previous Cybersecurity Bulletins
Not sure if you are vulnerable? Rampant specializes in vulnerability assessments and penetration testing for small & mid-size businesses!
Latest Threat Advisories
You should be aware of the following threats and implement the recommended mitigations to ensure your systems are not impacted. Click titles below for more details.
Perl Shellbot Command Injection Attack