Federal agencies need to apply vendor recommended mitigations for each flaw on or before October 25.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a total of four security vulnerabilities to its Known Exploited Vulnerabilities (KEV) so far this week.
Federal civilian executive branch agencies have until Oct. 25 to address the flaws. But others using the affected products should mitigate as well because attackers are actively targeting each of the flaws.
CVE-2023-5217, a critical heap buffer overflow vulnerability in Google Chrome libvpx . The flaw allows attackers to execute arbitrary code on affected systems via a specially crafted HTML page. Attackers have exploited the flaw to drop spyware and other surveillance software on Android devices users and iPhone users. Here’s Google’s advisory.
CVE-2023-28229 an elevation of privilege vulnerability in Windows CNG Key Isolation Service. The vulnerability affects most Windows versions. Here’s Microsoft’s advisory. The company has described the vulnerability as being moderately severe.
CVE-2023-4211 a use-after-free vulnerability in Arm Mali GPU Kernel Driver that allows a local, non-privileged user to access and misuse already freed memory. The vulnerability affects all versions of Midgard GPU Kernel Driver from e12p0-r32p0; all versions of Bifrost GPU Kernel Driver from r0p0 to r42p0; all versions of Valhall GPU Kernel Driver from r19p0 to r42p0; and all versions of Arm 5th Gen GPU Architecture Kernel Driver from r41p0 to r42p0. Here’s Arm’s advisory.
CVE-2023-42793 in all versions of JetBrains TeamCity On-Premises CI/CD platform. The authentication bypass vulnerability allows attackers to implement a remote code execution attack on affected systems. Here’s the JetBrains security advisory. JetBrains has assessed the vulnerability as being of Critical severity.