7x Second Security [10-October-2022]
Using Fortinet's FortiGate Firewalls and FortiProxy Web Proxies?
Do this: Upgrade immediately.
Why: A critical authentication bypass vulnerability allows attackers to execute unauthorized actions on susceptible devices.
Additional Info: https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html
Using Zimbra's Collaboration Suite?
Do this: Zimbra is urging users to install the "Pax" utility and restart services immediately. Be on the look out for updates.
Why: A critical remote code execution vulnerability is being exploited in the wild allowing attackers to perform malicious actions.
Additional Info: https://thehackernews.com/2022/10/hackers-exploiting-unpatched-rce-flaw.html
Using VMware's VCenter Server?
Do this: Patch immediately.
Why: A high-severity code execution vulnerability in VMware's VCenter Server is being actively exploited, allowing attackers arbitrary code execution on underlying operating systems.
Additional Info: https://www.securityweek.com/vmware-patches-code-execution-vulnerability-vcenter-server?&web_view=true