Rewterz Threat Alert – RedLine Stealer – Active IOCs
October 2, 2023Rewterz Threat Advisory – Multiple F5 BIG-IP Vulnerabilities
October 2, 2023Rewterz Threat Alert – RedLine Stealer – Active IOCs
October 2, 2023Rewterz Threat Advisory – Multiple F5 BIG-IP Vulnerabilities
October 2, 2023Severity
Medium
Analysis Summary
CVE-2023-39410
Apache Avro Java SDK could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially crafted input, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-39410
Affected Vendors
Apache
Affected Products
- Apache Avro Java SDK 1.11.2
Remediation
Upgrade to the latest version of Apache Avro Java SDK, available from the Apache Website.