Progress warns of critical MOVEit Automation auth bypass flaw
Progress Software warned customers to patch a critical authentication bypass vulnerability in its MOVEit Automation enterprise-grade managed file transfer (MFT) application. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Progress Software warned customers to patch a critical authentication bypass vulnerability in its MOVEit Automation enterprise-grade managed file transfer (MFT) application. [...]
TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware. [...]
Hewlett Packard Enterprise (HPE) has patched multiple security vulnerabilities in the Aruba Networking AOS-CX operating system, including several authentication and code execution issues. [...]
SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software. [...]
IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. [...]
ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled. [...]
Two critical N-able vulnerabilities enable local code execution and command injection, and require authentication to exploit, suggesting they wouldn't be seen at the beginning of an exploit chain.
Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. [...]
Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances. [...]
The authentication bypass vulnerability in the OS for the company's firewall devices is under increasing attack and being chained with other bugs, making it imperative for organizations to mitigate the issue ASAP.
Netgear has fixed two critical remote code execution and authentication bypass vulnerabilities affecting multiple WiFi routers and warned customers to update their devices to the latest firmware as soon as possible. [...]
Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. [...]
JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges. [...]
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it's being actively exploited in the wild
CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation. [...]
The Cybersecurity and Infrastructure Security Agency (CISA) warned U.S. federal agencies today to secure their systems against a maximum severity authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM), formerly MobileIron Core. [...]
VMware has patched five security flaws affecting its Workspace ONE Assist solution, some of which could be exploited to bypass authentication and obtain elevated permissions
Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication issues caused by the May 2022 updates that patch it. [...]