CSIRT Consultant| ITIL | BTL1 | Incident Response & Threat Detection | SIEM | EDR | Vulnerability Management
🚨 Security Alerts: Critical Vulnerabilities You Need to Know 🚨 1. BeyondTrust Critical Vulnerability (CVE-2024-12356) BeyondTrust has patched a critical unauthenticated command injection vulnerability (CVSS 9.8) in its Privileged Remote Access (PRA) and Remote Support (RS) products. The flaw, discovered during a security incident investigation, allows arbitrary command execution via crafted client requests. Priority: Critical Relevance: General 🔗 More Info on: https://lnkd.in/g736-Hie 2. Multiple Vulnerabilities in Google Chrome for Desktop CERT-In issued a note (CIVN-2024-0356) highlighting several high-severity flaws in Google Chrome for Desktop. These vulnerabilities could enable remote code execution or Denial of Service (DoS) attacks. Priority: Urgent Relevance: General 🔗 More Info on: https://lnkd.in/gX2DYqUg 3. Fortinet Critical Vulnerabilities Limited File Read in FortiWLM (CVE-2023-34990): Allows unauthenticated attackers to read sensitive files via path traversal, risking data exposure. OS Command Injection in FortiManager (CVE-2023-34990): Enables authenticated attackers to execute unauthorized code via FGFM requests. Priority: Critical 🔗 Details on: https://lnkd.in/gvnc-_7f 4. ThreatQuotient ThreatQ Platform Vulnerability In ThreatQuotient ThreatQ Platform versions prior to 5.29.3, a command injection vulnerability exists in the API endpoint, potentially allowing remote code execution. Priority: Critical 🔗 Details on: https://lnkd.in/grPj3B-r Stay updated and secure by applying the latest patches immediately. Cybersecurity is a shared responsibility! 🛡️
