UCSF IT Technology

Fortinet has released security updates to address a vulnerabilities in multiple Fortinet Products. A remote attacker could exploit this vulnerability to take control of an affected system.

WordPress released security updates to address vulnerabilities in the Elementor and Backup Migration Plugins. Exploitation of these vulnerabilities could allow an attacker to perform remote code execution.

Netgate released security updates to address a vulnerability in Netgate pfSense. A threat actor could exploit these vulnerabilities to perform remote code execution.

SAP released their December 2023 updates to address vulnerabilities in various SAP products. For a complete description of the vulnerabilities and affected systems go to SAP Security Patch Day – December 2023.IT Security

Apple has released security updates to address vulnerabilities in multiple Apple products.  A cyber threat actor could exploit these vulnerabilities to take control of an affected system.For a complete description of the vulnerabilities and affected systems go to Apple Security Updates.IT Security

Threat Alert: Bonus-Themed Lures Harvest Credentials 

Apache released security updates to address a vulnerability in Apache Struts. A threat actor could exploit this vulnerability to perform remote code execution.For a complete description of the vulnerabilities and affected systems go to CVE-2023-50164 Detail.IT Security

WordPress released security updates to address vulnerabilities in WordPress. These vulnerabilities could be exploited to perform remote code execution.For a complete description of the vulnerabilities and affected systems go to WordPress 6.4.2.IT Security

Atlassian has released security updates to address  vulnerabilities affecting multiple Atlassian products. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Sierra Wireless released security updates to address a Critical and other vulnerabilities in Sierra Wireless Routers. Forscout reported that most of the routers sit unpatched exposing critical infrastructure to attacks. Many of the routers are unpatched exposing entities to remote code execution, unauthorized access, authentication bypass, denial-of-service (DoS), and cross-site scripting (XSS) flaws.