Tanzania Computer Emergency Response Team

VMware Critical Zero Day Command Injection Vulnerability CVE-2020-4006

26th November 2020

Advisory No: TZCERT/SA/2020/11/26 Date of First Release: 26th November 2020 Source: VMware Software Affected: VMware Workspace One Access 20.10 (Linux)VMware Workspace One Access 20.01 (Linux)VMware Identity Manager 3.3.3 (Linux)VMware Identity Manager 3.3.2 (Linux)VMware Identity Manager 3.3.1 (Linux)VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows) Overview: The vulnerability …

VMware Security Updates

24th November 2020

VMware has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities could allow an attacker to take control of an affected products. Users and Administrators are encouraged to review released VMware security advisory and apply necessary updates.

NetGear Security Update

24th November 2020

NetGear has released security updates to address vulnerabilities in GS108Ev3 Firmware version 2.06.10 and earlier. Exploitation of these vulnerabilities may allow an attacker to take control of the affected system. Users and administrators are encouraged to review NetGear Support Page and apply necessary updates.

Cisco Security Updates

24th November 2020

Cisco has released security updates to address vulnerabilities affecting its products. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. Users and Administrators are encouraged to review released the following Cisco security advisories an apply necessary updates: Cisco Identity Services Engine Privilege Escalation VulnerabilityCisco …

Google Chrome Security Update

20th November 2020

Google has released security updates to address vulnerabilities in Google Chrome. Exploitation of these vulnerabilities may allow an attacker to take control of the affected system. Users and administrators are encouraged to review Google Chrome Security Advisory and apply necessary update.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

VMware Critical Zero Day Command Injection Vulnerability CVE-2020-4006

VMware Security Updates

NetGear Security Update

Cisco Security Updates

Google Chrome Security Update

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)