드림시큐리티社 보안인증S/W(매직라인) 취약점 조치 권고

2023-06-28 KRNCSC Dream Security recommends measures for vulnerabilities in security authentication S/W (magic line)

https://www.ncsc.go.kr:4018/main/cop/bbs/selectBoardArticle.do?bbsId=SecurityAdvice_main&nttId=54336&pageIndex=1

Attachments

230628_드림시큐리티社_보안인증SW매직라인_취약점_조치_권고.pdf (176 KB)

South Korea's National Cyber Security Center warned that a North Korean hacking organization was exploiting a buffer overflow vulnerability in Dream Security's MagicLine4NX authentication software. The advisory says exploitation continued against PCs that had not installed the March 2023 fix and notes similar abuse of INISAFE vulnerabilities as a malware distribution path. Users were advised to check for MagicLine 4.0 versions 1.0.0.26 and earlier and remove the vulnerable software or update to version 1.0.0.27 or later.

Related Reports

« Back