Tag: remote-code-execution
-
SolarWinds Web Help Desk Vulnerability Allows Remote Code Execution
A critical vulnerability in SolarWinds Web Help Desk has been identified. It could allow attackers to execute arbitrary code on affected systems. The vulnerability tracked as CVE-2024-28988 was discovered by the Trend Micro Zero Day Initiative (ZDI) team during their investigation into a previous security flaw. CVE-2024-28988: Java Deserialization Flaw The vulnerability stems from a…
-
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX
VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability is an authenticated SQL injection vulnerability in HCX, it was privately…
-
Splunk Enterprise Multiple Vulnerabilities for RCE
Summary Splunk has disclosed several high-severity vulnerabilities in Splunk Enterprise and Splunk Cloud Platform, which allowattackers to execute remote code on vulnerable systems. The vulnerabilities, First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/16/splunk-enterprise-multiple-vulnerabilities-for-rce/
-
Splunk Enterprise Update Patches Remote Code Execution Vulns
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36473/Splunk-Enterprise-Update-Patches-Remote-Code-Execution-Vulns.html
-
Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities
Splunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws. The post Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/splunk-enterprise-update-patches-remote-code-execution-vulnerabilities/
-
pac4j Java Framework Vulnerable to RCE Attacks
A critical security vulnerability has been discovered in the popular Java framework pac4j. The vulnerability specifically affects versions before 4.0 of the pac4j-core module. This vulnerability, identified as CVE-2023-25581, exposes systems to potential remote code execution (RCE) attacks due to a flaw in the deserialization process. Vulnerability Details CVE-2023-25581 The issue stems from a […]…
-
Remote Code Execution möglich – Kritische Sicherheitslücken in WhatsUp Gold gefährden Netzwerke
Tags: remote-code-executionFirst seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecken-in-whatsup-gold-a-4382d9addffa7de9824c0ab1678e113d/
-
Critical Veeam RCE leveraged in Akira, Fog ransomware attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/critical-veeam-rce-leveraged-in-akira-fog-ransomware-attacks
-
Akira, Fog Ransomware Leverages Critical Veeam RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/akira-fog-ransomware-leverages-critical-veeam-rce
-
NHS England Warns of Critical Veeam Vulnerability Under Active Exploitation
NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially leading to remote code execution First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nhs-england-warns-cve-active/
-
Akira and Fog ransomware now exploit critical Veeam RCE flaw
Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/akira-and-fog-ransomware-now-exploiting-critical-veeam-rce-flaw/
-
Technical Analysis of DarkVision RAT
Tags: access, antivirus, api, attack, cloud, communications, computer, control, cybercrime, data, detection, encryption, endpoint, infection, injection, malicious, malware, network, open-source, password, powershell, rat, remote-code-execution, startup, tactics, theft, threat, tool, windowsIntroductionDarkVision RAT is a highly customizable remote access trojan (RAT) that first surfaced in 2020, offered on Hack Forums and their website for as little as $60. Written in C/C++, and assembly, DarkVision RAT has gained popularity due to its affordability and extensive feature set, making it accessible even to low-skilled cybercriminals. The RAT’s capabilities…
-
Check Point zeigt Schwachstellen im Linux CUPS-System auf
Check Points Kunden sind durch CloudGuard geschützt, insbesondere gegen Remote Code Execution (RCE), die durch die Sicherheitslücke CVE-2024-47176 ausgelöst werden kann. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-zeigt-schwachstellen-im-linux-cups-system-auf/a38580/
-
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
Tags: cisa, cisco, cve, cybersecurity, exploit, flaw, fortinet, infrastructure, kev, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb.”A First seen on thehackernews.com…
-
Patch Tuesday: Microsoft Fixes Management Console RCE Zero-Day
First seen on scworld.com Jump to article: www.scworld.com/brief/patch-tuesday-microsoft-fixes-management-console-rce-zero-day
-
CISA says critical Fortinet RCE flaw now exploited in attacks
Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-says-critical-fortinet-rce-flaw-now-exploited-in-attacks/
-
Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments.”The vulnerabilities could allow an attacker to crash an industrial device or in some cases, enable remote code execution,” Claroty researchers Mashav Sapir and Vera First seen on…
-
CISA Warns of Microsoft Zero-Day Vulnerabilities Exploited in the Wild
Tags: cisa, cve, cyber, cybersecurity, exploit, infrastructure, microsoft, remote-code-execution, risk, vulnerability, windows, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has warned regarding two critical zero-day vulnerabilities affecting Microsoft Windows products. These vulnerabilities, identified as CVE-2024-43572 and CVE-2024-43573, pose significant security risks and have been reportedly exploited in the wild. CVE-2024-43572: Microsoft Windows Management Console Remote Code Execution Vulnerability The first vulnerability, CVE-2024-43572, affects the Microsoft Windows Management…
-
New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks
An automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/new-scanner-finds-linux-unix-servers-exposed-to-cups-rce-attacks/
-
Apache Avro SDK Flaw Could Enable Java Apps RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/apache-avro-sdk-flaw-could-enable-java-apps-rce
-
RCE in Java apps likely with critical Apache Avro SDK vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/rce-in-java-apps-likely-with-critical-apache-avro-sdk-vulnerability
-
Open-Source Scanner Released to Detect CUPS Vulnerability
A new open-source scanner has been released to detect a critical vulnerability in the Common Unix Printing System (CUPS), explicitly targeting CVE-2024-47176. This vulnerability and others in the chain pose significant risks as it can allow remote code execution on UNIX and UNIX-like systems. The scanner aims to help system administrators identify and mitigate these…
-
Critical Apache Avro SDK RCE flaw impacts Java applications
A critical vulnerability in the Apache Avro Java Software Development Kit (SDK) could be exploited to execute arbitrary code on vulnerable instances. A critical vulnerability, tracked as CVE-2024-47561, in the Apache Avro Java Software Development Kit (SDK) could allow the execution of arbitrary code on vulnerable instances. The flaw, tracked as CVE-2024-47561, impacts all versions of…
-
RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files
The researcher investigated the potential security risks associated with debugging dump files in Visual Studio by focusing on vulnerabilities that could be exploited without relying on memory corruption or specific PDB file components. After analyzing various libraries used during debug sessions, they discovered a method to execute arbitrary code when debugging managed dump files, which…
-
Cacti Network Monitoring Tool Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability has been identified in the Cacti network monitoring tool that could allow attackers to execute remote code on affected systems. The vulnerability, detailed in the recent release of Cacti version 1.2.28, highlights the need for system administrators to pay immediate attention to this popular open-source software. Remote Code Execution via Log…
-
Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances.The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4.”Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions…
-
19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks CVE-2024-45519
A critical vulnerability in Zimbra’s postjournal service, identified as CVE-2024-45519, has left over 19,600 public Zimbra installations exposed to remote code execution attacks. This vulnerability, with a CVSS score of 9.8, allows unauthenticated attackers to execute arbitrary commands on affected Zimbra installations, posing a significant threat to the security and integrity of these systems. Scans…
-
Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/06/week-in-review-critical-zimbra-rce-vulnerability-exploited-patch-tuesday-forecast/
-
Ivanti Confirms Exploitation of an Old Critical Vuln
Remote Code Execution Bug Exploited in Limited Attacks. Ivanti confirmed that hackers are exploiting an SQL injection vulnerability in its Ivanti Endpoint Manager enabling remote code execution, despite the company addressing the issue with a patch in May. The flaw allows unauthenticated attackers within the same network to execute arbitrary code. First seen on govinfosecurity.com…