The agency has identified a critical flaw in Sophos products, CVE-2023-1671, which has been exploited by attackers allowing arbitrary code execution. Sophos released patches in April and informed customers that the affected appliance would reach its end of life on July 20, 2023. Although no public reports have described attacks exploiting CVE-2023-1671, Sophos was unable …
The CPU manufacturer Intel recently released microcode updates to address a security vulnerability registered as CVE-2023-23583, which has been classified as highly severe. This vulnerability affects various desktop, server, and mobile processors and could potentially allow authenticated attackers with local access to escalate their privileges, steal information, and execute DoS attacks. The security flaw, referred …
Intel Releases Microcode Updates to Address Critical Security Vulnerability Read More »
VMware has disclosed a critical security vulnerability affecting its Cloud Director (VCD) software, which could allow attackers to bypass authentication on vulnerable systems. Tracked as CVE-2023-34060 and rated with a CVSS score of 9.8, the flaw impacts VCD-Appliances that have been upgraded from an older version to Version 10.5. However, newly installed Version 10.5 appliances …
VMware Cloud Director Vulnerability: Critical Security Bypass Exposed Read More »