Tanzania Computer Emergency Response Team

TZCERT-SU-24-0024 (HP Security Update)

15th January 2024

HP has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review HP Security Advisory HPSBHF03882 and apply necessary updates.

TZCERT-SU-24-0023 (Palo Alto Security Update)

15th January 2024

Palo Alto has released security updates to address a vulnerability in PAN-OS. Exploitation of this vulnerability may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Palo Alto Security Advisory for CVE-2023-48795 and apply necessary updates.

TZCERT-SU-24-0022 (Mageia Security Update)

15th January 2024

Mageia has released security updates to address vulnerabilities in dkms-anbox package. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Mageia Security Advisory and apply necessary updates.

Postfix: SMTP smuggling vulnerability (CVE-2023-51764) – CVE-2023-51764)

8th January 2024

Advisory No: TZCERT/SA/2023/01/08 Date of First Release: 8th January 2024 Source: SMTP servers Software Affected: POSTFIX in SMTP Overview: The vulnerability exists because a flaw was found in some SMTP server configurations in Postfix. This issue may allow a remote attacker to break out of the email message data to …

TZCERT-SU-24-0021 (ZTE Security Update)

5th January 2024

ZTE has released security updates to address vulnerabilities in ZTE Red Magic 8 Pro. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review ZTE Security Advisories 1034444 and 1034404 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0024 (HP Security Update)

TZCERT-SU-24-0023 (Palo Alto Security Update)

TZCERT-SU-24-0022 (Mageia Security Update)

Postfix: SMTP smuggling vulnerability (CVE-2023-51764) – CVE-2023-51764)

TZCERT-SU-24-0021 (ZTE Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)