Rewterz Threat Advisory – Mozilla Thunderbird Vulnerabilities

Rewterz Threat Advisory – CVE-2022-23443 – Fortinet FortiSOAR Vulnerability

May 6, 2022

Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities

May 6, 2022

Rewterz Threat Advisory – Mozilla Thunderbird Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-29913 CVSS:6.5

Mozilla Thunderbird could allow a remote attacker to bypass security restrictions, caused by the failure to properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process by the parent process. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions.

CVE-2022-1520 CVSS:6.5

Mozilla Thunderbird could allow a remote attacker to bypass security restrictions, caused by the incorrect security status shown after viewing an attached email. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2022-29913
CVE-2022-1520

Affected Vendors

Mozilla

Affected Products

Mozilla Thunderbird 91.8

Remediation

Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.

Mozilla Foundation Security Advisory

Rewterz Threat Advisory – CVE-2022-23443 – Fortinet FortiSOAR Vulnerability

Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities

Rewterz Threat Advisory – Mozilla Thunderbird Vulnerabilities

Severity

Analysis Summary

CVE-2022-29913 CVSS:6.5

CVE-2022-1520 CVSS:6.5

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan