More CyberWatch

November 22, 2023

Looney Tunables Now Actively Exploited

A high-severity (CVSS: 7.8) vulnerability has been identified in the GNU C Library. Identified as CVE-2023-4911 and nicknamed Looney Tunables, it was recently added to CISA’s Known Exploited Vulnerabilities catalogue because it is now being actively exploited. This buffer overflow vulnerability stems from a flaw in how the library’s dynamic loader handles the GLIBC_TUNABLES environment variable. A local attacker can use specially crafted GLIBC_TUNABLES environment variables while launching binaries with SUID permission to execute code with elevated privileges.

November 20, 2023

Critical Vulnerability Identified in Fortinet SIEM Tool

A vulnerability has been discovered internally by Adham El Karn of the Fortinet Product Security team. Identified as CVE-2023-36553 (CVSS 9.8), this Critical vulnerability affects all versions of FortiSIEM 4.7, 4.9, 4.10, 5.0, 5.1, 5.2, 5.3, and 5.4. According to FortiGuard, it is an improper neutralization of special elements used in an OS command vulnerability in the FortiSIEM report server. This can allow a remote, unauthenticated attacker to execute unauthorized commands via specially crafted API requests.

November 15, 2023

Microsoft November 2023 Patch Tuesday: Multiple Zero-day Fixes

Every second Tuesday of the month, Microsoft releases many security fixes to several of its software solutions. This is known as “Patch Tuesday.” This time, several critical vulnerabilities and zero-days have been remediated. A total of five zero-day vulnerabilities, three critical vulnerabilities, and more than 50 other vulnerabilities of varying severity were addressed. This report covers only the most critical and notable vulnerabilities.

November 13, 2023

Critical Linux Kernel Vulnerability Affecting NetApp Products

A Critical vulnerability, categorized as CVE-2023-45871, has been identified within NetApp products. This vulnerability was discovered and reported to NVD on 10/19/2023 and was recently reported as affecting NetApp products on 11/10/2023. It affects Linux kernel versions prior to 6.5.3, and because multiple NetApp products utilize the Linux kernel, they are vulnerable.

November 10, 2023

SysAid On-Prem Zero Day! Patch now!

A zero-day vulnerability known as CVE-2023-47246 has been identified in SysAid On-Prem Software. Not much information is available about this vulnerability in the National Vulnerability Database, but SysAid has provided a blog post explaining the situation. On November 2nd, 2023, a potential vulnerability in their on-premises software was brought to their attention. Through internal and third-party services, they concluded that a zero-day vulnerability existed in the SysAid On-Prem Software. The vulnerability was identified as a path traversal vulnerability leading to code execution, which was exploited by a threat actor known as Lace Tempest, identified by the Microsoft Threat Intelligence team.

November 8, 2023

Critical QNAP NAS OS Vulnerability

A critical-severity vulnerability has been identified in several QNAP operating system versions. It is identified as CVE-2023-23368 and has a CVSS score of 9.8. According to QNAP, if exploited it can allow users to execute commands via a network.

November 6, 2023

Critical Vulnerability in Cisco Firepower Management Center

A critical vulnerability known as CVE-2023-20048 (CVSS score 9.9) has been identified in the Cisco Firepower Management Center (FMC) Software. It can allow an authenticated, remote attacker to execute unauthorized configuration commands on a Firepower Threat Defense device managed by this software. To exploit this vulnerability, an attacker would need valid credentials on the FMC software.

November 3, 2023

Patch to Critical BIG-IP Vulnerability Now Available

UPDATE: CISA has added this vulnerability (CVE-2023-46747) to their Known Exploited Vulnerabilities list as of 11/2/2023. The vendor has also updated the "Indicators of compromise" section of their security bulletin, as they have observed threat actors using this vulnerability in conjunction with CVE-2023-46748 to perform an exploit. Patch now!

November 2, 2023

Critical Apache ActiveMQ Vulnerability. Patch Now!

Apache ActiveMQ, a scalable open-source message broker, has a critical vulnerability. It is identified as CVE-2023-46604, a Critical-rated vulnerability with a CVSS 3.0 score of 10, the maximum value. According to NVD, it is a remote code execution vulnerability which may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol.
