Android Pixel Privilege Escalation Vulnerability

Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises users and administrators to review the Android advisory and apply the recommended migrations.

RELATED ADVISORIES

Advisories 9 May 2024

Vulnerabilities in Cisco ASA and FTD Software

Cisco disclosed three vulnerabilities in its management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software product. The vulnerability allows an attacker to cause a DoS condition by sending a crafted HTTP request to the web server on a targeted device. A successful exploit would result in an unexpected reloading of the device. This vulnerability is due to incomplete error checking when parsing an HTTP header. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all system and network admins to review and implement the appropriate patches. The details of the updates are:

Unauthenticated Command Injection vulnerability in SD-WAN Edge (VMware)

Advisories 9 May 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Advisories 9 May 2024

Cisco Releases Security Updates for IOS XR Software

Advisories 9 April 2024

Forticlient EMS flaw actively exploited in the wild

Advisories 9 April 2024

Joomla Security Update

Advisories 28 February 2024

Microsoft Exchange Server Security Advisory

Advisories 28 February 2024