Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) | allinfosecnews.com

Nov. 20, 2023, 11:43 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance that allows attackers to execute arbitrary code. Sophos Web Appliance is a web gateway appliance that functions as a web proxy and scans potentially harmful content for … More →

The post …

april attackers auth catalog cisa command command injection critical critical vulnerability cve don't miss enterprise exploit exploited exploited vulnerabilities hot stuff injection known exploited known exploited vulnerabilities known exploited vulnerabilities catalog poc sophos sophos web appliance the company vulnerabilities vulnerability vulnerability exploited web

More from www.helpnetsecurity.com / Help Net Security

SentinelOne and Pax8 expand partnership to enhance security measures for SMBs 38 minutes ago | www.helpnetsecurity.com

assets critical critical infrastructure cybersecurity +16

Tails 5.2.0 comes with several improvements, updated Tor Browser an hour ago | www.helpnetsecurity.com

browser censorship computers old +15

5 resolutions to prepare for SEC’s new cyber disclosure rules 6 hours ago | www.helpnetsecurity.com

attackers ciso conflict cyber +28

Strategies for cultivating a supportive culture in zero-trust adoption 6 hours ago | www.helpnetsecurity.com

adaptability adoption advisory authentication +27

Enterprises prepare for the inevitable cyber attack 7 hours ago | www.helpnetsecurity.com

amp attack business cases +27

Vigil: Open-source LLM security scanner 7 hours ago | www.helpnetsecurity.com

artificial intelligence attacker don't miss github +18

Lacework AI Assist enhances SOC efficiency 18 hours ago | www.helpnetsecurity.com

alerts artificial artificial intelligence assistant +22

Entrust launches Digital Account Opening solution to simplify global customer onboarding 19 hours ago | www.helpnetsecurity.com

account banking banks credit +19

Armis releases version 23.3 of the Armis Centrix platform 19 hours ago | www.helpnetsecurity.com

armis armis centrix asset asset intelligence +22

Security Analyst Consultant

@ Kalles Group | Seattle Area

View on infosec-jobs.com

Principal Engineer - SecEng (Prisma Cloud Application Security)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Privacy Officer BeNeLux

@ Wolters Kluwer | NLD - Alphen Aan Den Rijn

View on infosec-jobs.com

Senior Information Security Specialist :Threat Intelligence

@ NTT DATA | Johannesburg, South Africa

View on infosec-jobs.com

Cyber Security - SOC Analyst (L2)

@ WPP | Chennai

View on infosec-jobs.com

Cybersecurity Analyst - A&A Support

@ Maveris | Washington, District of Columbia, United States - Remote

View on infosec-jobs.com