Alert: CISA warns of active “Roundcube” email attacks.

February 13, 2024 | Pressroom | Email Vulnerabilities/Security


The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw in the Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), is a cross-site scripting (XSS) flaw that arises from the handling of link references (linkrefs) in plain-text messages.

“Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosure via references to malicious links in plain/text messages,” CISA said.


According to a description of the bug on NIST’s National Vulnerability Database (NVD), the vulnerability affects Roundcube versions before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3.

The flaw was fixed by the Roundcube maintainers in version 1.6.3, released on September 15, 2023, with the same fix backported to the 1.5.4 and 1.4.14 releases. Zscaler security researcher Niraj Shivtarkar was credited with discovering and reporting the vulnerability.

It is currently unknown how the vulnerability is being exploited in the wild, but other flaws in the webmail client were weaponized last year by Russia-linked groups such as APT28 and Winter Vivern.

US Federal Civilian Executive Branch (FCEB) agencies are required to apply the vendor-provided fixes by March 4, 2024, to protect their networks against potential threats.
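For administrators who need to sweep a fleet of Roundcube installs against this advisory, the following is an added example (not code from Roundcube, CISA or the article's author). It encodes the three affected ranges quoted from NVD above, reports the first fixed release on the host's branch, and reads the KEV due date from a catalog entry. The KEV JSON below is a hand-written sample shaped like CISA's published feed, not a download of the real catalog, and the "today" date is assumed to be the article date.

```python
"""Check a Roundcube version against the CVE-2023-43770 affected ranges
(before 1.4.14, 1.5.x before 1.5.4, 1.6.x before 1.6.3) and report the
CISA KEV remediation deadline. Added example, not Roundcube or CISA code.
"""
from datetime import date, datetime
import json
import re

CVE_ID = "CVE-2023-43770"

# Affected ranges taken from the NVD description: each entry is
# (lowest version in the bucket, first fixed version). The first bucket
# covers every release before 1.4.14, the other two the 1.5 and 1.6 branches.
AFFECTED_RANGES = (
    ((0, 0, 0), (1, 4, 14)),
    ((1, 5, 0), (1, 5, 4)),
    ((1, 6, 0), (1, 6, 3)),
)

# Constructed sample entry in the shape of the KEV catalog JSON feed
# (cveID, vendorProject, product, dateAdded, dueDate). Typed by hand for
# this example; fetch the real catalog from CISA in practice.
SAMPLE_KEV_JSON = """
{
  "vulnerabilities": [
    {
      "cveID": "CVE-2023-43770",
      "vendorProject": "Roundcube",
      "product": "Webmail",
      "dateAdded": "2024-02-12",
      "dueDate": "2024-03-04"
    }
  ]
}
"""


def parse_version(text):
    """Turn '1.6.2', '1.6' or '1.6.3-beta' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x or 0) for x in m.groups())


def is_affected(version):
    """True if the version falls in any of the NVD-listed vulnerable ranges."""
    v = parse_version(version)
    return any(low <= v < fixed for low, fixed in AFFECTED_RANGES)


def fixed_version_for(version):
    """First non-vulnerable release on the same branch, or None if not affected."""
    v = parse_version(version)
    for low, fixed in AFFECTED_RANGES:
        if low <= v < fixed:
            return ".".join(str(x) for x in fixed)
    return None


def kev_deadline(kev_json, cve_id=CVE_ID):
    """Return the dueDate for cve_id from a KEV catalog JSON document, or None."""
    catalog = json.loads(kev_json)
    for entry in catalog.get("vulnerabilities", []):
        if entry.get("cveID") == cve_id:
            return datetime.strptime(entry["dueDate"], "%Y-%m-%d").date()
    return None


def assess(version, kev_json=SAMPLE_KEV_JSON, today=date(2024, 2, 13)):
    """Summarise one host: affected?, target release, KEV due date, days left.

    `today` defaults to the article date so the result is reproducible.
    """
    affected = is_affected(version)
    due = kev_deadline(kev_json)
    return {
        "version": version,
        "affected": affected,
        "upgrade_to": fixed_version_for(version) if affected else None,
        "due_date": due.isoformat() if due else None,
        "days_remaining": (due - today).days if (affected and due) else None,
    }


if __name__ == "__main__":
    for v in ("1.4.13", "1.5.3", "1.6.2", "1.6.3", "1.4.14"):
        print(assess(v))
```

The version strings would normally come from each host's `program/include/iniset.php` (`RCMAIL_VERSION`) or the `rcube_version` column that Roundcube writes to its database, rather than being typed in by hand as in the `__main__` loop.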
