CYBER Threat Intelligence Reports
LATEST CTIs
CISA: OpenSSL Vulnerabilities and Security Framework Initiative (CVE-2023-0286, CVE-2022-4304)
OpenSSL has announced vulnerabilities in versions 3.0.0, 2.2.2, and 1.0.2; users are urged to update to 3.0.8, 1.1.1t, or 1.0.2zg promptly. Concurrently, CISA and OpenSSF…
Read more >
CVE-2024-0985: A Critical Security Vulnerability in PostgreSQL
CVE-2024-0985 poses a critical risk to PostgreSQL versions 12-15, allowing elevated privilege attacks via specific operations. Immediate upgrade to patched versions (12.18, 13.14, 14.11, 15.6)…
Read more >
CISA: Fortinet Security Advisories and CVE-2024-21762, CVE-2024-23313 Exploitation
Fortinet has issued updates for critical FortiOS vulnerabilities, CVE-2024-21762 and CVE-2024-23313, with the former actively exploited and the latter presenting a potential high-risk threat. Immediate…
Read more >
New Patch Bypasses for Critical FortiSIEM Vulnerability (CVE-2024-23108, CVE-2024-23109)
Fortinet clarifies CVE-2024-23108 and CVE-2024-23109 as patch bypasses for the critical FortiSIEM flaw CVE-2023-34992, enabling remote command execution. Fixes are promised in upcoming FortiSIEM releases,…
Read more >
Critical Shim Boot Loader Vulnerability Affects Linux Distributions (CVE-2023-40547)
CVE-2023-40547 poses a critical threat to Linux distributions with a CVSS score of 9.8, enabling Secure Boot bypass and potential remote code execution. Discovered by…
Read more >
Critical Vulnerabilities in Cisco Expressway Series
Cisco has patched critical CSRF vulnerabilities in its Expressway Series, CVE-2024-20252 and CVE-2024-20254, and a third vulnerability, CVE-2024-20255, affecting system configurations and causing DoS. Organizations…
Read more >
