Advisory No: TZCERT/SA/2023/07/14-01 Date of First Release: 14th July 2023 Source: Microsoft Software Affected: Microsoft Office and Windows Overview: Microsoft has released security workaround to address a critical vulnerability affecting Microsoft Office and Windows. The vulnerability may allow an attacker to take control of affected system. Description: Microsoft Office and …

Advisory No: TZCERT/SA/2023/07/14-02 Date of First Release: 14th July 2023 Source: Citrix Software Affected: Citrix ADC Overview: Citrix has released security patches to address a critical vulnerability affecting the secure access client for Ubuntu. The vulnerability could allow an attacker to execute arbitrary code. Description: Citrix Secure Access client for …

Advisory No: TZCERT/SA/2023/07/14-03 Date of First Release: 14th July 2023 Source: Cisco Software Affected: Cisco SD-WAN vManage software Overview: Cisco has released security patches to address a critical vulnerability affecting Cisco SD-WAN vManage software. The vulnerability could allow an attacker to attain unauthenticated access to REST API. Description: Cisco SD-WAN …

Aruba Networks has released security updates to address vulnerabilities in ArubaOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Aruba Networks Security Advisory and apply necessary updates.

F5 has released security updates to address vulnerabilities in BIG-IP. Exploitation of these vulnerabilities may allow an attacker to access to sensitive information. Users and administrators are encouraged to review F5 Security Advisory and apply necessary updates.

Cisco has released security updates to address vulnerabilities in Cisco SD-WAN vManage, Cisco Secure Email and Cisco Secure Web Appliance. Exploitation of these vulnerabilities may allow an attacker to escalated privilege. Users and administrators are encouraged to review Cisco Security Advisories cisco-sa-vmanage-unauthapi and cisco-sa-esa-sma-wsa-xss and apply necessary updates.

Wordfence has released security updates to address vulnerabilities in multiple WordPress plugin. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Wordfence Security Advisories mailarchiver-2101, sp-project-document-manager-467, super-socializer-71353, all-in-one-wp-security-519, kb-support-1588 and post-smtp-257 and apply necessary updates.

Red Hat has released security updates to address vulnerabilities in nodejs, python and grafana. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Red Hat Security Advisories RHSA-2023:4039, RHSA-2023:4030 and RHSA-2023:3976 and apply necessary updates.

Zoom has released security updates to address vulnerabilities in Zoom Rooms. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Zoom Security Advisories dated 11th July 2023 and apply necessary updates.

Lenovo has released security updates to address vulnerabilities in AMD SEV VM, NVIDIA, Lenovo UDC and AMI MegaRAC. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Lenovo Security Advisories LEN-132938, LEN-129488, LEN-121183 and LEN-118375 and apply necessary …