Skip to main content

Overview

Docker has released a security advisory addressing a vulnerability in Moby, a software package that contains the core containerisation code for Docker Engine (docker-ce). Docker Engine is an open-source containerisation technology for building and containerising applications, which allows for rapid deployment on a system-agnostic architecture. AuthZ plugins allow administrators to implement access controls in the Docker daemon, which are not available by default.

Broadcom (VMWare) has released an advisory that addresses three security vulnerabilities in VMware ESXi, VMware vCenter Server, and VMware Cloud Foundation. VMware ESXi is an enterprise-class hypervisor, VMware vCenter Server is a centralised virtual machine manager, and Cloud Foundation is a platform for the provision of cloud environments. exploitation of CVE-2024-37085 by several ransomware groups has been reported in the wild.

Acronis has released an update for a critical vulnerability in multiple Acronis Cyber Infrastructure (ACI) build versions. Acronis ACI is a multi-tenant, hyper-converged infrastructure solution for cyber protection. The vulnerability is tracked as CVE-2023-45249 and has a base score of 9.8.

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Progress has released details of two critical severity vulnerabilities:

CVE-2024-6327 – In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure, deserialisation vulnerability.

CVE-2024-6096 – In Progress Telerik Reporting versions prior to 18.1.24.709, an object injection attack is possible through an insecure-type resolution vulnerability.

Recommended Action

Organisations are encouraged to review the appropriate security advisory pages and apply the updates: Docker – Blog VMWare – Security Advisories Acronis – Security Advisor Apple – Safari 17.6 iOS 17.6 and iPadOS 17.6 iOS 16.7.9 and iPadOS 16.7.9 macOS Sonoma 14.6 macOS Ventura 13.6.8 macOS Monterey 12.7.6 watchOS 10.6 tvOS 17.6 visionOS 1.3 Progress – Telerik Report Server and Telerik Reporting

If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.

Topics

  • Advisory
  • Vulnerability
  • Exploit
  • Patches and Updates