In the ever-evolving cybersecurity landscape, new vulnerabilities emerge daily, constantly threatening individuals, organizations, and governments. Google and Microsoft have recently found themselves on the receiving end of unrelenting attacks, driving home the importance of tackling these vulnerabilities head-on.
With state sponsored bad actors looking to exploit published vulnerabilities before they are patched, it is more important than ever to take swift action and to have a reliable process to rapidly respond to new vulnerabilities in your software supply chain.
WebP 0-Day Attack
A zero-day vulnerability identified as CVE-2023-4863 has sent shockwaves through the cybersecurity landscape, posing a substantial risk to major web browsers and a wide range of applications.
Google has rated its severity at the highest possible level of 10.0, highlighting the gravity of the situation.
This vulnerability targets the WebP image format and specifically exploits the technique used for lossless image compression on the web, a fundamental tool for web developers seeking faster-loading, smaller images.
A second CVE, CVE-2023-5129 was created to highlight that the flaw extended beyond Chrome, but it has subsequently been rejected as a duplicate of CVE-2023-4863 which is being updated to indicate the broader impact to the digital ecosystem.
Confluence Data Center and Server - Broken Access Control Vulnerability
Microsoft has issued a critical alert regarding the exploitation of a recently disclosed high-severity vulnerability in the Atlassian Confluence Data Center and Server by a nation-state actor tracked as Storm-0062 (also known as DarkShadow or Oro0lxy).
CVE-2023-22515 carries a high CVSS severity rating of 10.0, enabling remote attackers to establish unauthorized Confluence administrator accounts and gain access to Confluence servers.
Atlassian has released patches in the following versions:
⚠️ It’s important to note that Atlassian Cloud sites are not affected by this vulnerability.
Other Known Vulnerabilities Added to CISA Catalog
Aside from these high-profile cases, other known vulnerabilities have also been added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog. These vulnerabilities serve as frequent attack vectors for malicious cyber actors, posing significant risks to the federal enterprise.
- CVE-2023-21608 - Adobe Acrobat and Reader Use-After-Free Vulnerability
- CVE-2023-20109 - Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
- CVE-2023-41763 - Microsoft Skype for Business Privilege Escalation Vulnerability
- CVE-2023-36563 - Microsoft WordPad Information Disclosure Vulnerability
- CVE-2023-44487 - HTTP/2 Rapid Reset Attack Vulnerability
How to identify vulnerable and Mitigate them using MergeBase
To combat new vulnerabilities, timely patch management is imperative. Organizations must proactively identify, assess, and patch vulnerabilities in their software and systems. Delaying or neglecting this process can leave a system exposed and vulnerable to attack.
MergeBase simplifies the complex task of patch management. Offering a comprehensive, real-time database of software vulnerabilities, their severity, and applicable patches. It empowers organizations to stay ahead of state-sponsored actors.
Protect your applications from security vulnerabilities with MergeBase
In the age of relentless state-sponsored cyber attacks, there’s no room for complacency regarding software vulnerabilities. Prompt and efficient patch management is a paramount defense. Knowing about vulnerabilities and staying updated is the first step in staying ahead of the game.
MergeBase is a powerful ally in this battle, providing real-time information and streamlining the patching process, reducing the window of opportunity for state actors.
Don’t wait for a new breach; be proactive in securing your applications and systems. Protect your application from known vulnerabilities.
Find information about other vulnerabilities here: OpenSSL, Lazarus Hackers and Apache ActiveMQ