ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)

Read Time:44 Second

What is the vulnerability?A critical input validation vulnerability (CVE-2024–4879) is identified in ServiceNow’s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024–4879 to its Known Exploited Vulnerabilities (KEV) Catalog on July 29, 2024.What is the recommended Mitigation?ServiceNow has released updates for the affected instances. CVE-2024-4879 – Jelly Template Injection Vulnerability in ServiceNow UI Macros – SecurityWhat FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by the vendor immediately to secure their systems.FortiGuard Intrusion Prevention Service (IPS) protection is currently being investigated to defend against exploitation of CVE-2024-4879.The FortiGuard Incident Response team can be engaged to help with any suspected compromise.

Read More

APPLE-SA-07-29-2024-9 visionOS 1.3

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-9 visionOS 1.3

visionOS 1.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214123.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Apple Neural Engine
Available for: Apple Vision Pro
Impact: A local attacker may be able to cause unexpected system shutdown…

Read More

APPLE-SA-07-29-2024-8 tvOS 17.6

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-8 tvOS 17.6

tvOS 17.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214122.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleMobileFileIntegrity
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to bypass Privacy…

Read More

APPLE-SA-07-29-2024-7 watchOS 10.6

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-7 watchOS 10.6

watchOS 10.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214124.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleMobileFileIntegrity
Available for: Apple Watch Series 4 and later
Impact: An app may be able to bypass Privacy preferences…

Read More

APPLE-SA-07-29-2024-6 macOS Monterey 12.7.6

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-6 macOS Monterey 12.7.6

macOS Monterey 12.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214118.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

APFS
Available for: macOS Monterey
Impact: A malicious application may be able to bypass Privacy
preferences…

Read More

APPLE-SA-07-29-2024-5 macOS Ventura 13.6.8

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-5 macOS Ventura 13.6.8

macOS Ventura 13.6.8 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214120.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

APFS
Available for: macOS Ventura
Impact: A malicious application may be able to bypass Privacy
preferences…

Read More

APPLE-SA-07-29-2024-4 macOS Sonoma 14.6

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-4 macOS Sonoma 14.6

macOS Sonoma 14.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214119.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accounts
Available for: macOS Sonoma
Impact: A malicious application may be able to access private
information…

Read More

APPLE-SA-07-29-2024-3 iOS 16.7.9 and iPadOS 16.7.9

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-3 iOS 16.7.9 and iPadOS 16.7.9

iOS 16.7.9 and iPadOS 16.7.9 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214116.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

CoreGraphics
Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,
iPad Pro…

Read More

APPLE-SA-07-29-2024-2 iOS 17.6 and iPadOS 17.6

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-2 iOS 17.6 and iPadOS 17.6

iOS 17.6 and iPadOS 17.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214117.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleMobileFileIntegrity
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
2nd…

Read More

APPLE-SA-07-29-2024-1 Safari 17.6

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Jul 29

APPLE-SA-07-29-2024-1 Safari 17.6

Safari 17.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214121.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Safari
Available for: macOS Monterey and macOS Ventura
Impact: Visiting a website that frames malicious content may lead to UI…

Read More