Security Advisory – Critical Apache Struts Vulnerability (CVE-2017-9805)

Summary: On September 5, 2017, a critical remote code execution vulnerability (CVE-2017-9805) was disclosed in the Apache Struts framework. Apache Struts is a popular open source framework for Java web application development. All versions of the application framework since 2008 until Apache Struts version 2.5.13 (released September 5, 2017) are vulnerable. Analysts have estimated that at …

Shadow Broker’s April 2017 Release

Update - April 15, 2017: Microsoft has evaluated the exploits released by the Shadow Brokers and confirmed that the exploits previously thought to be “zero-days” were patched last month with the release of MS17-010. Kudelski Security highly recommends that clients apply the patches included in MS17-010 as soon as possible to ensure they are …

Microsoft Office HTA Handler Vulnerability (CVE-2017-0199)

Responding to the Cisco CMP Vulnerability

This past Friday Cisco publicly disclosed a software vulnerability in the Cisco Cluster Management Protocol in Cisco IOS and Cisco IOS XE software. The following is our action report for clients utilizing Cisco devices. Summary: CVE-2017-3881 is a critical vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE software …

Responding to Ticketbleed

Today Cloudflare publicly disclosed a software vulnerability in the F5 BIG-IP appliance. The following is our action report for clients utilizing the BIG-IP appliance. It is worth noting that this only impacts appliances running the non-default Session Tickets option. Summary: Ticketbleed is a high severity software vulnerability in the TLS stack of F5 BIG-IP appliances allowing a …