Rewterz Threat Advisory – ICS: Multiple Mitsubishi Electric Products Vulnerabilities

August 4, 2023

Rewterz Threat Alert – Rhadamanthys Stealer – Active IOCs

August 6, 2023

Rewterz Threat Advisory – CVE-2023-4104 – Mozilla VPN Vulnerability

August 4, 2023

Severity

High

Analysis Summary

CVE-2023-4104

Mozilla VPN could allow a local authenticated attacker to bypass security restrictions, caused by an incomplete implementation of Polkit authentication. By sending a specially crafted request, an attacker could exploit this vulnerability to configure arbitrary VPN setups or redirect network traffic to malicious parties.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2023-4104

Affected Vendors

Mozilla

Affected Products

Mozilla VPN 2.15.2

Remediation

Refer to mozilla-vpn-client for patch, upgrade or suggested workaround information.

mozilla-vpn-client

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Bitter APT – Active IOCs

Google Chrome 0-Day Vulnerability Actively Exploited – Immediate Update

Multiple Microsoft Windows Products Zero-Day Vulnerabilities Exploit in the Wild

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – ICS: Multiple Mitsubishi Electric Products Vulnerabilities

Rewterz Threat Alert – Rhadamanthys Stealer – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.