Advisory: RUCKUS access point vulnerability

Last updated on November 30, 2023 at 11:04 am

We’re aware of a vulnerability in the web-based interface used to manage RUCKUS access points that could allow a remote attacker to execute a cross-site scripting (XSS) attack against a user logged on to the interface of the affected device. Please note that Equipment...

Advisory: Google ChromeOS vulnerabilities (MS-ISAC 2023-095)

Last updated on September 1, 2023 at 10:44 am

We’re aware of multiple vulnerabilities that have been discovered in Google ChromeOS, the most severe of which could allow a remote attacker to conduct arbitrary code execution. Depending on the privileges associated with the targeted user, an attacker could install...

Advisory: Ruckus ICX switch XSS and CSRF vulnerability

Last updated on September 1, 2023 at 10:44 am

We’re aware of a vulnerability (CVE-2023-39904, CVE-2023-39905, CVE-2023-39906) in the web-based management interface of the Ruckus ICX switch product line that could allow a remote attacker to execute XSS and CSRF attacks against the user of the interface. To exploit...

Advisory: New vulnerabilities affecting PaperCut MF/NG

Last updated on August 16, 2023 at 05:19 pm

PaperCut have released a new patch for Papercut NG/MF to address multiple vulnerabilities which are currently being exploited. If you are using this product, we recommend you upgrade your PaperCut application to version 22.1.3. Please follow the instructions on...

Advisory: Fortinet SSL VPN vulnerability – CVE 2023-27997

Last updated on August 14, 2023 at 06:35 pm

We’re aware of a critical Remove Code Execution (RCE) vulnerability affecting Fortinet’s SSL VPN functionality. This vulnerability can be exploited without credentials and affects all SSL VPN appliances, even if multi-factor authentication is enabled. Due to the...