Tanzania Computer Emergency Response Team

Cisco Emergency Responder Static Credentials Vulnerability (CVE-2023-20101)

5th October 2023

Advisory No: TZCERT/SA/2023/10/5 Date of First Release: 5th October 2023 Source: CISCO Software Affected: Cisco Emergency Responder Overview: A vulnerability affecting Cisco Emergency Responder has been disclosed. This vulnerability may lead to arbitrary code execution in the context of privileged user. Description: Cisco Emergency Responder has the static user credentials …

SUSE Security Update

5th October 2023

SUSE has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review SUSE Security Advisories suse-su-20233975-1, suse-su-20233981-1, suse-su-20233984-1, suse-su-20233969-1, suse-su-20233966-1, suse-su-20233957-1 and suse-su-20233963-1 and apply necessary updates.

Ubuntu Security Update

5th October 2023

Ubuntu has released security updates to address vulnerabilities in Linux kernel, Django, gnu, exim and freerdp. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Ubuntu Security Advisories USN-6416-1, USN-6414-2, USN-6413-1, USN-6411-1 and USN-6401-1 and apply necessary updates.

Apple Security Update

5th October 2023

Apple has released security updates to address vulnerabilities in iOS and iPadOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Apple Security Advisory and apply necessary updates.

Dell Security Update

5th October 2023

Dell has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Dell Security Advisories dsa-2023-305, dsa-2023-321, dsa-2023-328 and dsa-2023-331 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

Cisco Emergency Responder Static Credentials Vulnerability (CVE-2023-20101)

SUSE Security Update

Ubuntu Security Update

Apple Security Update

Dell Security Update

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)