Rewterz Threat Advisory – ICS: Multiple Mitsubishi Electric Products Vulnerabilities
August 4, 2023Rewterz Threat Alert – Rhadamanthys Stealer – Active IOCs
August 6, 2023Rewterz Threat Advisory – ICS: Multiple Mitsubishi Electric Products Vulnerabilities
August 4, 2023Rewterz Threat Alert – Rhadamanthys Stealer – Active IOCs
August 6, 2023Severity
High
Analysis Summary
CVE-2023-4104
Mozilla VPN could allow a local authenticated attacker to bypass security restrictions, caused by an incomplete implementation of Polkit authentication. By sending a specially crafted request, an attacker could exploit this vulnerability to configure arbitrary VPN setups or redirect network traffic to malicious parties.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-4104
Affected Vendors
Mozilla
Affected Products
- Mozilla VPN 2.15.2
Remediation
Refer to mozilla-vpn-client for patch, upgrade or suggested workaround information.