TT-CSIRT 427.12.04.24: CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect Gateway
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary…
Read MoreTT-CSIRT-426.14.02.24: Critical Patches Issued for Microsoft Products
Microsoft has released security updates to address vulnerabilities in multiple products; the most severe of which could allow for remote code execution. Additionally, two (2) zero day vulnerabilities related to…
Read MoreTT-CSIRT 425 09.02.24: FortiOS Security Updates
Fortinet has released security updates to address two (2) critical vulnerabilities in FortiOS. TT-CSIRT encourages administrators to review the following releases and take the necessary actions immediately: CVE-2024-21762 – https://www.fortiguard.com/psirt/FG-IR-24-015…
Read MoreTT-CSIRT – 424 17.01.24: Patch SonicWall Firewall Still Vulnerable to CVE-2023-0656 and CVE-2022-22274
Severity: Critical Overview: SonicWall Firewalls CVE-2022-22274 and CVE-2023-0656 have CVSS score of 9.4 and 7.5 respectively. A proof-of-concept has been published therefore the vulnerabilities are more susceptible to exploitation. Affected…
Read MoreIN MEMORY OF ANGUS SMITH
It is with great sadness that we announce the passing of Mr. Angus Smith, a remarkable individual and the dedicated leader of the Trinidad and Tobago Cyber Security Incident…
Read MoreTT-CSIRT – 423 02.01.24: Terrapin CVE-2023-48795 vulnerability in Secure Shell (SSH) cryptographic network protocol
Severity: Medium Overview: Terrapin (CVE-2023-48795, CVSS score: 5.9) allows remote attackers to bypass integrity checks such that some packets are omitted causing security features to be downgraded or disabled within a…
Read More