Rewterz Threat Alert – Quasar RAT Evades Detection Using DLL Side-Loading – Active IOCs
October 29, 2023Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities
October 29, 2023Rewterz Threat Alert – Quasar RAT Evades Detection Using DLL Side-Loading – Active IOCs
October 29, 2023Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities
October 29, 2023Severity
Medium
Analysis Summary
CVE-2023-5363
OpenSSL could allow a remote attacker to obtain sensitive information, caused by an incorrect cipher key and IV length processing during the initialization of some symmetric ciphers. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-5363
Affected Vendors
OpenSSL
Affected Products
- OpenSSL 3.0.0
- OpenSSL 3.1.0
Remediation
Refer to OpenSSL Security Advisory for patch, upgrade or suggested workaround information.