We are continuing to get a large number of reports of emails imitating Manx Telecom being sent to @manx.net addresses and are aware of over 35 subsequent account compromises.

Overview

Microsoft has released its November 2023 updates, addressing 63 vulnerabilities, two of which have been categorised as ‘Important’. The first (CVE-2023-66397) has the potential for remote code execution, but is not currently being exploited. The other ‘Important’ vulnerability (CVE-2023-36028) also risks remote code execution, allowing unauthorised attackers to target the Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending malicious PEAP packets over a network.

VMware has released a security advisory addressing a vulnerability affecting the Cloud Director Appliance, a deployment, automation and management product, when it has been updated from an older 10.4.x version to the newer 10.5 version. The vulnerability (CVE-2023-34060) is categorised as critical, with a base score of 9.8, because malicious actors with network access could bypass login restrictions when authenticating on ports 22 or 5480. New installations of version 10.5 remain unaffected.

Juniper has released patches for four newly reported vulnerabilities. Three vulnerabilities (CVE-2023-38644, CVE-2023-38646 and CVE-2023-368847) are categorised as medium, all with a base rating of 5.3, and affect all J-web networks on Junos OS prior to version 20.4R3-S8. One vulnerability (CVE-2023-36845) has been categorised as critical, with a base score of 9.8, because unauthorised network-based attackers could gain control of certain important environment variables.

Fortinet has released security advisories to address several vulnerabilities affecting FortiClient, FortiGate and FortiSIEM. A critical vulnerability affects FortiSIEM and might allow a remote attacker to execute unauthorised commands. Two high-severity vulnerabilities affect FortiClient (Windows): CVE-2022-40681 allows file deletion with low account privileges, and CVE-2023-41840 allows an attacker to perform a DLL hijack using a malicious OpenSSL engine library.

CrushFTP has reported a critical vulnerability, CVE-2023-43177, that could allow an attacker to gain access knowing only the administrator username, and to gain unauthorised access to files, which can in turn be used to log in as a more privileged user.

Recommended Action

Organisations are encouraged to review the appropriate security advisory pages and apply the updates:

Microsoft – Release Notes and Security Update Guide

VMware – Security Advisories

Juniper – Knowledge Base

Fortinet – PSIRT Advisories

CrushFTP – Version 10

 

If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.
