Italy ACN News alt

High Severity Junos OS Arbitrary Code Execution Vulnerability Fixed

ACN issued Alert AL05/260423/CSIRT-ITA warning of a high-severity arbitrary code execution vulnerability in Juniper Networks' Junos OS and Junos OS Evolved. The vulnerability, CVE-2026-33791, could allow a malicious user with elevated privileges to execute arbitrary code by bypassing security features on affected systems. Multiple versions of Junos OS and Junos OS Evolved across six release branches are affected, with ACN recommending users update to patched versions as specified in Juniper's security bulletin.

Ruby ERB Remote Code Execution Vulnerability CVE-2026-41316

ACN Italia ha rilevato una vulnerabilità critica (CVE-2026-41316) nella libreria Ruby 'erb' che consente a un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi target. La vulnerabilità interessa erb gem versione 6.0.3 e precedenti, con un impatto sistemico classificato come Alto (66.41). Il CSIRT-ITA raccomanda di aggiornare immediatamente le versioni vulnerabili seguendo le indicazioni del bollettino di sicurezza Ruby-lang.

CrowdStrike LogScale Arbitrary File Read Vulnerability Resolved

Agenzia per la Cybersicurezza Nazionale (ACN) published an alert (AL03/260423/CSIRT-ITA) regarding a critical arbitrary file read vulnerability in CrowdStrike LogScale, identified as CVE-2026-40050. The vulnerability affects LogScale Self-Hosted versions from 1.224.0 to 1.233.0 (inclusive), 1.234.x versions prior to 1.234.1, and LTS version 1.228.1 and earlier. ACN recommends updating vulnerable products per the vendor security bulletin referenced in the alert.