
CISA alert: vulnerability in Roundcube exploited by attackers

Immediate measures are needed to mitigate exploitation of a critical bug in Roundcube

CISA has warned of a security vulnerability in Roundcube that can lead to data leakage through XSS attacks. Roundcube flaws have been exploited in various past attacks. Updating Roundcube is recommended.


The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory about a vulnerability in the popular web-based email client Roundcube. The flaw, CVE-2023-43770, was patched in September 2023 but has recently been exploited in live attacks. Roundcube is an open-source IMAP client that is accessed through the browser and offers an application-like user interface.

Details about the vulnerability CVE-2023-43770

CVE-2023-43770 is a vulnerability that allows an attacker to conduct cross-site scripting (XSS) attacks using specially crafted links contained in plain text email messages. It affects versions 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 of Roundcube, and successful XSS attacks can lead to disclosure of sensitive information. Proof-of-concept exploit code for this vulnerability has been available online for many months.
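A webmail client that turns URLs in a text/plain body into clickable links has to escape both the link and all surrounding text before the result reaches the browser. The Python example below is added here to illustrate that defensive pattern; it is not Roundcube's code and not from the original article, and the names `linkify_plaintext`, `URL_RE` and the sample message are constructed for the illustration.

```python
import html
import re
from urllib.parse import urlsplit

# Conservative URL pattern: a match stops at whitespace, quotes and angle
# brackets, so those characters can never become part of the href value.
URL_RE = re.compile(r"(https?://[^\s<>\"']+)", re.IGNORECASE)


def _is_web_url(candidate: str) -> bool:
    """Accept only http(s) URLs that parse cleanly and have a host part."""
    try:
        parts = urlsplit(candidate)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    return parts.scheme in ("http", "https") and bool(parts.netloc)


def linkify_plaintext(body: str) -> str:
    """Render a text/plain body as HTML; only the <a> tags emitted here are markup."""
    out = []
    # re.split with one capture group alternates: text, url, text, url, ...
    for index, piece in enumerate(URL_RE.split(body)):
        escaped = html.escape(piece, quote=True)  # escapes & < > " '
        if index % 2 == 1 and _is_web_url(piece):
            out.append(f'<a href="{escaped}" rel="noopener noreferrer">{escaped}</a>')
        else:
            out.append(escaped)  # ordinary text, or a URL that failed validation
    return "".join(out)


# Constructed sample: a link followed by characters that would break out of
# an unescaped href attribute. A harmless <b> tag stands in for injected markup.
SAMPLE = 'Invoice: https://example.test/view?id=1&x="><b>injected</b> thanks'

if __name__ == "__main__":
    print(linkify_plaintext(SAMPLE))
```

The trailing characters after the link are rendered as inert text, and the only tag in the output is the single anchor the function itself emits.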

Previous Roundcube exploits related to cyber-espionage

In previous incidents dating back to June 2023, the Recorded Future group and the Ukrainian CERT documented a spear-phishing campaign targeting several Ukrainian state institutions. The emails exploited an XSS flaw in Roundcube (CVE-2020-35730) and a SQL injection vulnerability (CVE-2021-44026) to exfiltrate data from the Roundcube database. In October of the same year, cybersecurity firm ESET reported that the Winter Vivern APT group had exploited another Roundcube XSS flaw as a zero-day against government targets across Europe.

Roundcube security tips and updates

CISA emphasizes that vulnerabilities such as these are an attack vector frequently exploited by malicious actors and pose significant risks. Flaws found in Roundcube are regularly addressed and corrected by the software's maintainers, and organizations using it are advised to remain alert and promptly apply available security updates.


02/13/2024 10:14

Marco Verro
