Rewterz Threat Advisory – CVE-2023-36409 – Microsoft Edge (Chromium-based) Vulnerability

Rewterz Threat Update – Lazarus Group Utilizes Trojanized VNC Apps to Target Defense Experts with Fake Interviews

October 23, 2023

Rewterz Threat Alert – RedLine Stealer – Active IOCs

October 23, 2023

Rewterz Threat Advisory – CVE-2023-36409 – Microsoft Edge (Chromium-based) Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-36409

Microsoft Edge (Chromium-based) could allow a remote attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive memory information and then use this information to launch further attacks against the affected system.

Impact

Information Disclosure

Indicators Of Compromise

CVE

CVE-2023-36409

Affected Vendors

Microsoft

Affected Products

Microsoft Edge (Chromium-based) 118.0

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Advisory to search for available patches.

Microsoft Security Advisory

Rewterz Threat Update – Lazarus Group Utilizes Trojanized VNC Apps to Target Defense Experts with Fake Interviews

Rewterz Threat Alert – RedLine Stealer – Active IOCs

Rewterz Threat Advisory – CVE-2023-36409 – Microsoft Edge (Chromium-based) Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan