Rewterz Threat Advisory – Multiple IBM Aspera Vulnerabilities

Rewterz Threat Advisory – CVE-2023-28444 – Node.js angular-server-side-configuration module Vulnerabilities

March 29, 2023

Rewterz Threat Alert – AveMaria RAT aka WarzoneRAT – Active IOCs

March 29, 2023

Rewterz Threat Advisory – Multiple IBM Aspera Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-27286 CVSS:8.4

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system.

CVE-2023-27284 CVSS:8.4

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2023-27286
CVE-2023-27284

Affected Vendors

IBM

Affected Products

IBM Aspera Cargo 4.2.4
IBM Aspera Connect 4.2.4

Remediation

Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.

IBM Security Bulletin

Rewterz Annual Threat Intelligence Report 2025 - Download Now

Rewterz Threat Advisory – CVE-2023-28444 – Node.js angular-server-side-configuration module Vulnerabilities

Rewterz Threat Alert – AveMaria RAT aka WarzoneRAT – Active IOCs

Rewterz Threat Advisory – Multiple IBM Aspera Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan