Advisory No: TZCERT/SA/2023/07/14-01

Date of First Release: 14^th July 2023

Source: Microsoft

Software Affected: Microsoft Office and Windows

Overview:

Microsoft has released security workaround to address a critical vulnerability affecting Microsoft Office and Windows. The vulnerability may allow an attacker to take control of affected system.

Description:

Microsoft Office and Windows are affected with a remote code execution vulnerability. The vulnerability allows the attacker to use a specially crafted Microsoft Office document to perform remote code execution in the context of the victim. However, for the exploit to be successful, the attacker must persuade the victims to open the malicious Office document.

Impact:

Successful exploitation of this vulnerability may allow the attacker to control of the affected system.

Solution:

Microsoft has released a workaround for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884
2. https://securityaffairs.com/148380/hacking/office-zero-day-cve-2023-36884.html

Advisory No: TZCERT/SA/2023/07/14-02

Date of First Release: 14^th July 2023

Source: Citrix

Software Affected: Citrix ADC

Overview:

Citrix has released security patches to address a critical vulnerability affecting the secure access client for Ubuntu. The vulnerability could allow an attacker to execute arbitrary code.

Description:

Citrix Secure Access client for Ubuntu is affected with remote code execution vulnerability. The vulnerability allows an elevated privilege access to the attacker with access to vulnerable client. A victim user must open an attacker-crafted link and accept further prompts.

Impact:

Successful exploitation of this vulnerability may allow the attacker to control of the affected system.

Solution:

Citrix has released patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

1. https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492
2. https://securityaffairs.com/148405/security/citrix-critical-flaw-secure-access-client-for-ubuntu.html
3. https://digital.nhs.uk/cyber-alerts/2023/cc-4353

Advisory No: TZCERT/SA/2023/07/14-03

Date of First Release: 14^th July 2023

Source: Cisco

Software Affected: Cisco SD-WAN vManage software

Overview:

Cisco has released security patches to address a critical vulnerability affecting Cisco SD-WAN vManage software. The vulnerability could allow an attacker to attain unauthenticated access to REST API.

Description:

Cisco SD-WAN vManage is affected with an authentication vulnerability in its REST API. This is the result of insufficient request validation when using REST API feature. The vulnerability allows unauthenticated remote attacker to read or write to the configuration of the affected vManage instance.

Impact:

Successful exploitation of this vulnerability may allow the attacker to retrieve information from and send information to the configuration of the affected Cisco vManage instance.

Solution:

Cisco has released patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-unauthapi-sphCLYPA
2. https://www.itnews.com.au/news/cisco-sd-wan-api-vulnerability-patched-597922

Aruba Networks has released security updates to address vulnerabilities in ArubaOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Aruba Networks Security Advisory and apply necessary updates.

F5 has released security updates to address vulnerabilities in BIG-IP. Exploitation of these vulnerabilities may allow an attacker to access to sensitive information.

Users and administrators are encouraged to review F5 Security Advisory and apply necessary updates.