Referenced link: https://www.fortiguard.com/psirt/FG-IR-22-398
Originally posted by Rob Fuller / @mubix@twitter.com: https://twitter.com/Gi7w0rm/status/1602423258711822341#m
RT by @mubix: ⚠️ Another #critical #RCE in #Fortinet #SSLVPN is #exploited in the wild...
Updates have been rolled out.
This looks pretty great for initial access, so make sure to #PatchNow !!!
For a list of affected devices and artifacts to hunt:
https://www.fortiguard.com/psirt/FG-IR-22-398
CVE: CVE-2022-42475
#critical #RCE #Fortinet #SSLVPN #exploited #PatchNow
RT @certbund@twitter.com
❗#CERTWarnung❗
Patch for the #Schwachstelle (vulnerability) in #OpenSSL 3.0 released. Severity only HIGH instead of CRITICAL. *DoS possible on servers and clients. Advisory: https://www.openssl.org/news/secadv/20221101.txt For affected products, patches and scan tools: https://github.com/NCSC-NL/OpenSSL-2022 #PatchNow
#PatchNow #OpenSSL #schwachstelle #CERTWarnung
RT @certbund
Microsoft releases emergency security patches for Exchange Server 📧 2013 | 2016 | 2019 and 2010 (for Defense in Depth purposes) due to active exploitation by #HAFNIUM group #PATCHNOW 🔥🩹
Blog: https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
Patches via MSRC: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
At least for the 9.8 one (CVE-2021-21972), the update has been out for over 2 months. Anyone who patches halfway regularly should have it.
---
RT @HonkHase
CVE-2021-21972:
VMware vCenter unauth #RCE possible 😳
#PatchNow https://twitter.com/jas502n/status/1364659596267167747
https://twitter.com/HonkHase/status/1365055612820676611
RT @HonkHase
#CVE-2020-16898 | Microsoft #Windows TCP/IP Remote Code Execution #Vulnerability #RCE #PatchNow 😱
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898
#PatchNow #rce #vulnerability #windows #cve