Redbelt warns of vulnerabilities in Microsoft systems

On Wednesday, the fifth of this month, the consulting company specializing in information security, Redbelt, stated that it had found security vulnerabilities in Microsoft, Fortinet, VMWare, and WordPress systems. Hackers can use vulnerabilities to break into accounts and spread malware (malware) across networks.

Understand below each case.

Microsoft

According to Redbelt, the flaw in the Progress Software MOVEit Transfer app, attributed to the Lace Tempest attacker, allows hackers to authenticate themselves as any user and access the app’s database through a Microsoft system. The flaw has been identified as CVE-2023-34362, SQL injection vulnerability.

fortinet

A “critical vulnerability” has been found in FortiOS and FortiProxy. The vulnerabilities may have been exploited in attacks targeting the US government, as well as critical manufacturing and infrastructure sectors. The vulnerability, known as XORtigate and tracked as CVE-2023-27997, includes a heap-based buffer overflow flaw in FortiOS and FortiProxy SSL-VPN that makes it possible for a remote attacker to execute arbitrary code.

VMWare

The consulting firm reports that VMWare ESXi Host for Windows and Linux has vulnerabilities exploited by Chinese hacking group UNC3886. VMware Tools Authentication allows a bypass of a flaw known as CVE-2023-20867 to execute privileged commands on virtual machines without authentication. The group is known to infect VMware servers with backdoors called VIRTUALPITA and VIRTUALPIE. Furthermore, they have been linked to exploiting a flaw in Fortinet FortiOS and are described as highly skilled collective defense and technology enterprises.

WordPress

Redbelt also reported a bug in WordPress that allowed users to leak data. The CVE-2023-2982 vulnerability allows accounts to be bypassed through authentication in miniOrange’s social login and registration plugin for WordPress. Thus, to avoid data leakage, it is recommended to update the software to version 7.6.5 or later.

How to protect yourself

According to Marcos Almeida, Redbet’s Red Team Manager, in order to take precautions against identified security flaws and avoid any malware, the user of the technology device should use reliable security solutions, such as antivirus software and firewalls.

“Always use caution when opening suspicious files or links, especially those received via email or from untrusted sources,” recommends Almeida. “Be aware of the latest cyber-attack trends, publicize them, and ask employees to follow best practices for online security,” he adds.