Mar 10, 2021
As stewards of the lush and vast landscape of security vulnerabilities, we felt obliged to share with you the top trending CVEs of the past month (who's excited for winter to be over?! 😁☀️🌷). Brace yourself! Ok, here we go.
A new and major vulnerability was recently discovered. CVE 2021-3156, which is also known as Baron Samedit, is considered potentially severe. The cybersecurity experts are encouraging users and administrators to review this vulnerability and patch it as soon as possible. With this CVE, a threat actor may gain unprivileged root access and exploit Linux and Unix-based operating systems.
Since this vulnerability uses the default within most Linux systems, the potential for exploitation is high. IT employees need to quickly identify which Linux systems are at risk and track remediation progress.
This vulnerability was disclosed on January 26, 2021. It’s a heap-based overflow recognized in Sudo, a utility that allows users to run programs with the security privilege of another user.
The exploitation of this vulnerability allows an unprivileged user to gain root-level privileges. It was introduced in July 2011 and has been in hiding for nearly 10 years. When combined with a remote code execution exploit, an attacker may gain access to a system and increase its privileges.
Prefer to listen instead? We got you covered 😏
WFH Do's and Don'tsKent Weigle April 19, 2021
Strengthening your WFH Cyber HygieneKent Weigle April 19, 2021
WFH Security Survival GuideKent Weigle April 15, 2021
What to Expect on Patch TuesdayKent Weigle March 03, 2021
MICROSOFT ANNOUNCES PLANS TO TERMINATE PATCH TUESDAY; SECURITY TEAMS REJOICEKent Weigle March 31, 2021