Weekly Vulnerabilities Review (July 17 – July 23)

Let’s take a brief look at last week’s vulnerability news. In the spotlight: Ivanti, AMD, MikroTik, Citrix, Perimeter81, Apache, Atlassian, TETRA.

Ivanti urges its user base to promptly update their Endpoint Manager Mobile (EPMM) mobile device management software, previously known as MobileIron Core. The update addresses a zero-day vulnerability that is being actively exploited. The issue, labeled CVE-2023-35078, is characterized as a remote, unauthenticated API access vulnerability affecting currently supported version 11.4 releases 11.10, 11.9, and 11.8 along with older versions.

Simultaneously, AMD is releasing microcode patches to mitigate a Zen 2 processor vulnerability that threatens to expose sensitive information. The flaw, known as Zenbleed and officially tracked under CVE-2023-20593, came to light through a Google-led CPU research project. Google reported the findings to AMD on May 15.

Concerns have also been raised about a serious privilege escalation issue affecting MikroTik RouterOS. It can be exploited by remote attackers aiming to run arbitrary code and take full control of vulnerable devices. This vulnerability, listed as CVE-2023-30799 with a CVSS score of 9.1, is expected to pose a potential threat to between 500,000 and 900,000 RouterOS systems via their web and/or Winbox interfaces, according to a report from VulnCheck.

In addition, the Cybersecurity and Infrastructure Security Agency recently reported an instance of malicious actors exploiting a Citrix vulnerability to steal Active Directory data from a critical infrastructure organization. The agency advised organizations to take the necessary measures to identify a potential system compromise and to apply patches accordingly.

Meanwhile, a new investigation has discovered five vulnerabilities in the Terrestrial Trunked Radio (TETRA) standard, two of which are considered critical. TETRA, used predominantly by police outside the US, is also employed by fire and ambulance services, transportation agencies, utilities, military, border control and customs agencies in over 100 countries worldwide, including the UN and NATO.

Atlassian has issued patches for two remote code execution (RCE) vulnerabilities discovered in the Confluence Data Center and Server and one more in the Bamboo Data Center. The most severe among these, tagged as CVE-2023-22508 with a CVSS score of 8.5, originated in Confluence version 7.4.0. The secondary flaw, registered under CVE-2023-22505 with a CVSS score of 8.0, was first detected in Confluence version 8.0.0.

Network security firm Perimeter81 has been advised to revise its responsible disclosure procedure for vulnerabilities detected in its offerings. The company came under scrutiny when cybersecurity researcher Erhad Husovic released a blog post at the end of June, shedding light on a local privilege escalation vulnerability found in Perimeter81’s macOS application.

Sonar, a cybersecurity firm, has issued a warning about three vulnerabilities present in Apache OpenMeetings that may expose organizations to remote code execution attacks. As a web conferencing application, OpenMeetings is used for online meetings, collaboration, and presentations, either as standalone software or as a plugin for Confluence, Jira, and other applications.