Tag: cve

HPE IceWall Flaw Let Attackers cause Unauthorized Data Modification

Dec 2, 2024 2:28 PM

by

Andy Stern

in SecurityNews

Tags: cve, cyber, data, flaw, threat, unauthorized, vulnerability

Hewlett Packard Enterprise (HPE) has issued an urgent security bulletin addressing a critical vulnerability in its IceWall product line. Identified as CVE-2024-11856, this flaw could allow attackers to remotely modify data without authorization. This flaw is capable of enabling unauthorized data modification from remote locations, posing a significant security threat to the affected systems. Vulnerability…
Apple Safari JavaScriptCore Remote Code Execution Flaw Exploited in the Wild

Dec 2, 2024 8:30 AM

by

Andy Stern

in SecurityNews

Tags: apple, cve, cyber, exploit, flaw, macOS, remote-code-execution, software, threat, vulnerability

A critical vulnerability identified as CVE-2024-44308 has been actively exploited in the wild, affecting multiple versions of Apple Safari across iOS, visionOS, and macOS platforms. This flaw, located within WebKit’s DFG JIT compiler, poses a significant threat by allowing remote code execution (RCE). Affected Software and Versions Here’s a table summarizing the affected software and…
Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges

Dec 2, 2024 6:28 AM

by

Andy Stern

in SecurityNews

Tags: cve, mitre, software

In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/02/alec-summers-mitre-cwe-top-25-2024/
Kommentar von Qualys zum Patch Tuesday

Dec 1, 2024 6:27 PM

by

Andy Stern

in SecurityNews

Tags: cve, update, vulnerability, windows

Die Auswirkungen von CVE-2024-38080, einer Schwachstelle in Windows Hyper-V, sind enorm, da diese Schwachstelle Angreifern den höchsten Systemzugriff … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/kommentar-von-qualys-zum-patch-tuesday/a37772/
Check Point zeigt Schwachstellen im Linux CUPS-System auf

Dec 1, 2024 3:26 PM

by

Andy Stern

in SecurityNews

Tags: bug, cve, linux, remote-code-execution, vulnerability

Check Points Kunden sind durch CloudGuard geschützt, insbesondere gegen Remote Code Execution (RCE), die durch die Sicherheitslücke CVE-2024-47176 aus… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-zeigt-schwachstellen-im-linux-cups-system-auf/a38580/
The discovery of Gatekeeper bypass CVE-2023-27943

Dec 1, 2024 3:19 AM

by

Andy Stern

in SecurityNews

Tags: cve

First seen on blog.f-secure.com Jump to article: blog.f-secure.com/discovery-of-gatekeeper-bypass-cve-2023-27943/
[Updated] Log4Shell: Critical Severity Apache Log4j Remote Code Execution Being Actively Exploited (CVE-2021-44228 CVE-2021-45046)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: apache, cve, exploit, rce, remote-code-execution, update, vulnerability

Update December 17th, 2021: Log4j 2.15.0 Vulnerability Upgraded from Low to Critical Severity (CVSS 9.0) RCE possible in non-default configurations Th… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2021/12/10/log4shell-critical-severity-apache-log4j-remote-code-execution-being-actively-exploited-cve-2021-44228/
Dirty Pipe Linux Kernel Local Privilege Escalation (LPE) Vulnerability (CVE-2022-0847)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, linux, vulnerability

Summary CVE-2022-0847 was disclosed on March 7th and since has been named Dirty Pipe. This linuxkernel vulnerability is caused by improperly handling … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/04/04/dirty-pipe-linux-kernel-local-privilege-escalation-lpe-vulnerability-cve-2022-0847/
Critical VMware Authentication Bypass and RCE Vulnerabilities: CVE-2022-31656 and CVE-2022-31659

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: authentication, cve, exploit, rce, remote-code-execution, update, vmware, vulnerability

Proof-of-Concept (PoC) exploit recently released by security researchers. VMware recommends patching affected systems immediately. Executive Summary O… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/08/10/critical-vmware-authentication-bypass-and-rce-vulnerabilities-cve-2022-31656-and-cve-2022-31659/
OpenSSL 3 Buffer overflow vulnerabilities: CVE-2022-3786 and CVE-2022-3602

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, threat, vulnerability

Note: This Bulletin was contributed to by Kudelski Security’s Threat Detection & Research Team. Specifically Mark Stueck. Executive Summary On the… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/11/01/openssl-3-buffer-overflow-vulnerabilities-cve-2022-3786-and-cve-2022-3602/
Multiple CVEs in threshold cryptography implementations

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cryptography, cve

Introduction io.finnet hired us to perform a code audit of their threshold ECDSA signature implementation called tss-lib based on the paper UC Non-Int… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/03/23/multiple-cves-in-threshold-cryptography-implementations/
CVE-2023-27532 Veeam Backup Replication Vulnerability Exposes Stored Credentials, No Auth Necessary

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: access, backup, credentials, cve, detection, threat, veeam, vulnerability

Written by Mark Stueck and Scott Emersonof the Kudelski Security Threat Detection & Research Team CVE-2023-27532: Unauthenticated Access to Cleart… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/03/10/cve-2023-27532-veeam-backup-amp-replication-vulnerability-exposes-stored-credentials-no-auth-necessary/
CVE-2023-23397 Microsoft Outlook Privilege Elevation Critical Vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, microsoft, threat, vulnerability

Written by Lina JimÃ©nez Becerra, Anton Jörgensson and Mark Stueck of the Kudelski Security Threat Detection & Research Team CVE-2023-23397: Abili… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/03/15/cve-2023-23397-microsoft-outlook-privilege-elevation-critical-vulnerability/
CVE-2023-27997 Pre-Authentication RCE on FortiGate SSL-VPN

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: authentication, cve, detection, rce, remote-code-execution, threat, update, vpn

Written by Harish Segar and Scott Emerson of the Kudelski Security Threat Detection & Research Team June 13th, update 2: Technical details of bug … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/06/12/cve-2023-27997-fortigate-ssl-vpn/
CVE-2023-33308 Critical Remote Code Execution (RCE) on FortiOS/FortiProxy

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, fortinet, remote-code-execution, threat

Written by Eric Dodge and Harish Segar of the Kudelski Security Threat Detection & Research Team Summary Fortinet recently disclosed a critical bu… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/07/13/cve-2023-33308-critical-remote-code-execution-rce-on-fortios-fortiproxy/
CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, microsoft, office, remote-code-execution, threat, vulnerability, windows

Written by Yann Lehmann and Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On July 11th, Microsoft disclosed a rem… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/07/14/cve-2023-36884-office-and-windows-html-remote-code-execution-vulnerability/
CVE-2023-46604 Apache ActiveMQ RCE vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: apache, cve, detection, rce, remote-code-execution, threat, vulnerability

Written by Joshua Cartlidge of the Kudelski Security Threat Detection & Research Team Summary On October 25, 2023, Apache disclosed an ActiveMQ Re… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/11/03/cve-2023-46604-apache-activemq-rce-vulnerability/
Ivanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, ivanti, rce, remote-code-execution, threat

Written by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by Yann Lehmann) Summary Ivanti Connect Secure (ICS) and … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/01/11/ivanti-connect-secure-policy-secure-cve-2023-46805-cve-2024-21887-combine-for-unauthenticated-rce/
CVE-2024-4956 Unauthenticated Path Traversal in Nexus Repository Manager 3

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, flaw

Nexus Repository Manager serves as a hub for managing, storing, and disseminating development artifacts. A critical security flaw, identified as a pat… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/06/03/cve-2024-4956-unauthenticated-path-traversal-in-nexus-repository-manager-3/
Critical Authentication Bypass in Juniper Session Smart Router CVE-2024-2973

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: authentication, cve, network, router, vulnerability

Summary Juniper Networks has issued an out-of-cycle security bulletin to address a critical vulnerability (CVE-2024-2973) thataffects Session Smart Ro… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/07/01/critical-authentication-bypass-in-juniper-session-smart-router-cve20242973/
Critical Security Updates for Palo Alto Networks: CVE-2024-5910 CVE-2024-3596

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, flaw, network, update, vulnerability

Summary Palo Alto Networks has released critical security updates addressing several vulnerabilities, including a high-severity flaw in the Expedition… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/07/15/critical-security-updates-for-palo-alto-networks-cve-2024-5910-cve-2024-3596/
Security Advisory: CVE-2024-45519

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: advisory, cve, email, service, vulnerability

Summary CVE-2024-45519 is a critical security vulnerability discovered in the postjournal service of Zimbra Collaboration Suite, a popular email and c… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/02/security-advisory-cve-2024-45519/
Kubernetes Image Builder Vulnerabilities

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, kubernetes, vulnerability

Summary Recently released were two vulnerabilities, CVE-2024-9486 (CVSS 9.8) and CVE-2024-9594 (CVSS 6.3), that impact the Kubernetes Image Builder. T… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/17/kubernetes-image-builder-vulnerabilities/
FortiManager Critical CVE-2024-47575 >>FortiJump<< Allows RCE

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: advisory, cve, fortinet, rce, remote-code-execution, zero-day

Summary On October 23, 2024, Fortinet published an advisory for CVE-2024-47575, a critical-severity zero day affecting FortiManager. Missing authentic… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/25/fortimanager-critical-cve-2024-47575-fortijump-allows-rce/
regreSSHion Vulnerability: CVE-2024-6387 in OpenSSH

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, vulnerability

id=introduction>Introduction OpenSSH stands as a cornerstone for secure remote administration. However, recent findings have found a vulnerability… First seen on thefinalhop.com Jump to article: www.thefinalhop.com/regresshion-vulnerability-cve-2024-6387-in-openssh/
CVE-2024-4879 and CVE-2024-5217 (ServiceNow RCE) Exploitation in a Global Reconnaissance Campaign

Dec 1, 2024 12:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, exploit

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2024-4879-and-cve-2024-5217-servicenow-rce-exploitation-in-a-global-reconnaissance-campaign
CVE-2023-48022: ShadowRay Flaw a Critical Threat to AI Infrastructure

Dec 1, 2024 12:18 AM

by

Andy Stern

in SecurityNews

Tags: ai, attack, cve, flaw, infrastructure, threat, vulnerability

The Oligo research team recently uncovered an ongoing attack campaign, dubbed ShadowRay, targeting a vulnerability in Ray, a widely utilized open-sour… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2023-48022-shadowray/
CVE-2024-28085: Linux Flaw Could Leak Passwords

Dec 1, 2024 12:18 AM

by

Andy Stern

in SecurityNews

Tags: cve, flaw, leak, linux, password, vulnerability

A recently identified vulnerability affecting the >>wall
CVE-2024-3094: Malicious Code in XZ Utils Enables RCE on Linux Systems

Dec 1, 2024 12:18 AM

by

Andy Stern

in SecurityNews

Tags: cve, linux, malicious, open-source, rce, remote-code-execution

A recent analysis has revealed that the malicious code embedded in the widely-used open-source library XZ Utils (present in multiple Linux distros) ca… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-3094-xz-utils-linux/
CVE-2024-21388 Enables Silent Installation of Malicious Extensions

Dec 1, 2024 12:18 AM

by

Andy Stern

in SecurityNews

Tags: cve, malicious, microsoft, vulnerability

A recently patched security vulnerability in Microsoft Edge could have allowed malicious actors to stealthily install arbitrary extensions on users’ s… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-21388-edge-flaw/