Insights | Resources by Cybersafe Solutions

Cybersafe Solutions Security Advisory Bulletin Nov 24, 2023

Written by Cybersafe Solutions | Nov 24, 2023 3:00:00 PM

In this week's Security Advisory: 

  • Beware of Shopping Related Scams This Holiday Season
  • Critical Vulnerability (CVE-2023-36553) in FortiSIEM
  • Multiple Vulnerabilities in Mozilla Products

Beware of Shopping Related Scams This Holiday Season

Black Friday and Cyber Monday are prime times for threat actors to make a big push in their campaigns.  Attackers will be more aggressive with phishing schemes and online shopping scams.  Attackers will attempt to lure a victim with incentives, gift cards, or discounts on popular items when their real intentions are to obtain credentials, credit card information, steal money, or potentially infect a victim's host with malware.  Threat actors can distribute malware through advertisements, e-mail communications, or QR codes, which would redirect the user to malicious sites.

Cybersafe recommends taking an extra moment and using discretion before acting when receiving any form of communication during the holiday season relating to offers, discount links, or problems with purchases that you never made.  This awareness should be shared with all members of the organization including friends and family.

More Reading/Information:

Critical Vulnerability (CVE-2023-36553) in FortiSIEM

Fortinet announced a critical vulnerability in its FortiSIEM report server.  The vulnerability, CVE-2023-36553, is an OS command injection flaw that could allow an unauthorized attacker to execute remote code by sending specially crafted packets to an affected system.  CVE-2023-36553 received a CVSS score of 9.3 out of a possible 10.

The following versions are affected:

  • FortiSIEM 5.4 all versions
  • FortiSIEM 5.3 all versions
  • FortiSIEM 5.2 all versions
  • FortiSIEM 5.1 all versions
  • FortiSIEM 5.0 all versions
  • FortiSIEM 4.10 all versions
  • FortiSIEM 4.9 all versions
  • FortiSIEM 4.7 all versions

More Reading/Information:

Multiple Vulnerabilities in Mozilla Products

Mozilla released security updates to address vulnerabilities in several of its products that could lead to arbitrary code execution.  There was a total of twenty-six (26) vulnerabilities affecting Firefox, Firefox ESR, Thunderbird, and Firefox for iOS, with seventeen (17) receiving a severity rating of "High."

The following versions are affected:

  • Firefox prior to 120
  • Firefox ESR prior to 115.5
  • Thunderbird prior to 115.5.0
  • Firefox for iOS prior to 120

More Reading/Information

Recommendations

Please review your environment to ensure the above-mentioned issues are patched in a timely manner.  It is security best practice to regularly update and/or patch software to the latest versions.  The vulnerabilities above highlight the security benefits of limiting deployed software to "vendor-supported versions" only.  This dramatically increases the likelihood that new vulnerabilities have a patch issued for them.  Likewise, Cybersafe strongly encourages maintaining an inventory of current software in your environment, which helps ensure and inform your patch and vulnerability management program.