Ivanti Sentry and WinRAR
Patch for Ivanti Sentry
by Artie Kaye
The company has released a patch to a high severity flaw. It could allow admin access to the software. Closing port 8443 off from the internet can mitigate, but patching is recommended. It is unknown if the vulnerability is being exploited as a zero-day.
This is listed as CVE-2023-38035.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)
WinRAR Out-of-Bounds Code Execution
by Artie Kaye
The team behind WinRAR have released a patch in version 6.23 to address an issue where out-of-bounds code could be executed when opening an archive. Updating is the only method offered to mitigate.
This is listed as CVE-2023-40477.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)