NVD disclosure day
CVE-2023-2868
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in Barracuda Email Security Gateway appliances allowed remote attackers to execute system commands. This posed a risk of unauthorized access and control of affected systems. A patch was automatically applied to all customer appliances to address this issue.
CVE-2023-33246
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Apache RocketMQ allows attackers to execute commands remotely by exploiting exposed components lacking permission verification. This poses a business risk of unauthorized system access and potential data compromise. Organizations using affected versions should apply vendor-recommended updates.
CVE-2023-33010
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Certain Zyxel firewall devices are vulnerable to a buffer overflow flaw, allowing unauthenticated attackers to cause denial-of-service or execute remote code. This impacts network availability and integrity, posing a significant business risk. Organizations should identify and address vulnerable devices promptly.
CVE-2023-33009
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A buffer overflow vulnerability in Zyxel firewall firmware allows unauthenticated attackers to execute remote code or cause denial-of-service conditions. This poses a significant business risk to network security and operational continuity, as it could lead to unauthorized access and system compromise.