all InfoSec news
Path Traversal Leading to Compromise: SysAid On-Prem Software CVE-2023-47246 Vulnerability
Malware Analysis, News and Indicators - Latest topics malware.news
On November 2nd, an alarming zero-day vulnerability was identified within the SysAid on-premises software. This discovery prompted an immediate incident response, involving communications with on-premise customers and collaboration with Profero, a cybersecurity incident response firm. The vulnerability, exploited by the hacker group DEV-0950 (Lace Tempest), presents significant risks for users of affected SysAid software versions.
1. Nature and Severity of the Vulnerability in SysAid (CVE-2023-47246)
This zero-day vulnerability, a path traversal flaw leading to code execution, was exploited to …
collaboration communications compromise customers cve cve-2023-47246 cybersecurity cybersecurity incident dev discovery exploited hacker hacker group incident incident response lace tempest november on-prem path path traversal premise response risks software sysaid tempest vulnerability zero-day zero-day vulnerability