Tag: remote-code-execution
-
Progress WhatsUp Gold RCE Vulnerability PoC Exploit Released
by
in SecurityNewsA registry overwrite remote code execution (RCE) vulnerability has been identified in NmAPI.exe, part of the WhatsUp Gold network monitoring software. This vulnerability, present in versions before 24.0.1, allows an unauthenticated remote attacker to execute arbitrary code on affected systems, posing significant security risks. Vulnerability Details The vulnerability lies within NmAPI.exe, a Windows Communication Foundation…
-
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
by
in SecurityNewsVeeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances.The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing.”From the…
-
Exploit released for critical WhatsUp Gold RCE flaw, patch now
by
in SecurityNewsA proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploit-released-for-critical-whatsup-gold-rce-flaw-patch-now/
-
Veeam warns of critical RCE bug in Service Provider Console
by
in SecurityNewsVeeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-bug-in-service-provider-console/
-
SmokeLoader picks up ancient MS Office bugs to pack fresh credential stealer
by
in SecurityNewsThreat actors are using a well-known modular malware loader, SmokeLoader, to exploit known Microsoft Office vulnerabilities and steal sensitive browser credentials.The loader which runs a framework to deploy multiple malware modules, was observed by Fortinet’s FortiGuard Labs in attacks targeting manufacturing, healthcare, and IT companies in Taiwan.”SmokeLoader, known for its ability to deliver other malicious…
-
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise
by
in SecurityNews
Tags: access, cybersecurity, exploit, flaw, macOS, network, remote-code-execution, tool, vpn, windowsCybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems.”By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels…
-
Apple Safari JavaScriptCore Remote Code Execution Flaw Exploited in the Wild
by
in SecurityNews
Tags: apple, cve, cyber, exploit, flaw, macOS, remote-code-execution, software, threat, vulnerabilityA critical vulnerability identified as CVE-2024-44308 has been actively exploited in the wild, affecting multiple versions of Apple Safari across iOS, visionOS, and macOS platforms. This flaw, located within WebKit’s DFG JIT compiler, poses a significant threat by allowing remote code execution (RCE). Affected Software and Versions Here’s a table summarizing the affected software and…
-
Check Point zeigt Schwachstellen im Linux CUPS-System auf
by
in SecurityNewsCheck Points Kunden sind durch CloudGuard geschützt, insbesondere gegen Remote Code Execution (RCE), die durch die Sicherheitslücke CVE-2024-47176 aus… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-zeigt-schwachstellen-im-linux-cups-system-auf/a38580/
-
FYSA Critical RCE Flaw in GNU-Linux Systems
by
in SecurityNewsSummary A severe, unauthenticated remote code execution (RCE) flaw has been discovered in GNU Linux systems. The vulnerability, rated CVSS 9.9, affect… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/fysa-critical-rce-flaw-in-gnu-linux-systems/
-
Millionen von Exim-Mailservern sind anfällig für Zero-DayAngriffe
by
in SecurityNewsEine kritische Sicherheitslücke in der Software Exim Mail Transfer Agent bedroht Millionen von Servern weltweit, denn sie erlaubt Angreifern die Ausfü… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/millionen-von-exim-mailservern-sind-anfallig-fur-zero-day-rce-angriffe
-
[Updated] Log4Shell: Critical Severity Apache Log4j Remote Code Execution Being Actively Exploited (CVE-2021-44228 CVE-2021-45046)
by
in SecurityNewsUpdate December 17th, 2021: Log4j 2.15.0 Vulnerability Upgraded from Low to Critical Severity (CVSS 9.0) RCE possible in non-default configurations Th… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2021/12/10/log4shell-critical-severity-apache-log4j-remote-code-execution-being-actively-exploited-cve-2021-44228/
-
Spring4Shell A Deep Understanding (CVE-202222965)
by
in SecurityNews(this blog-post was initially published by our colleague Mouad Kondah on Medium) On March 29, 2022, a critical Remote Code Execution vulnerability CVE… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/04/05/spring4shell-a-deep-understanding-cve-2022-22965/
-
Critical VMware Authentication Bypass and RCE Vulnerabilities: CVE-2022-31656 and CVE-2022-31659
by
in SecurityNewsProof-of-Concept (PoC) exploit recently released by security researchers. VMware recommends patching affected systems immediately. Executive Summary O… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/08/10/critical-vmware-authentication-bypass-and-rce-vulnerabilities-cve-2022-31656-and-cve-2022-31659/
-
SPNEGO NEGOEX: Critical Pre-Authentication RCE Vulnerability in Modern Microsoft Windows Operating Systems (CVE-2022-37958)
by
in SecurityNewsWritten by Mark Stueck of the Kudelski Security Threat Detection & Research Team Summary On Tuesday, December 13th, Microsoft reclassified a previ… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/14/advisory-spnego-negoex-critical-pre-authentication-rce-vulnerability-in-modern-microsoft-windows-operating-systems-cve-2022-37958/
-
Active exploitation of Citrix ADC and Gateway Critical Remote Code Execution Vulnerability by Suspected Chinese APT5 (CVE-2022-27518)
by
in SecurityNewsWritten by Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On December 13, 2022, The U.S. National Security Agency … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/15/advisory-active-exploitation-of-citrix-adc-and-gateway-critical-remote-code-execution-vulnerability-by-suspected-chinese-apt5/
-
Linux Kernel ksmbd Remote Code Execution Vulnerability
by
in SecurityNewsNote: This bulletin was written by Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary The Zero Day Initiative (ZDI) rece… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/22/bulletin-linux-kernel-ksmbd-remote-code-execution-vulnerability/
-
CVE-2023-27997 Pre-Authentication RCE on FortiGate SSL-VPN
by
in SecurityNewsWritten by Harish Segar and Scott Emerson of the Kudelski Security Threat Detection & Research Team June 13th, update 2: Technical details of bug … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/06/12/cve-2023-27997-fortigate-ssl-vpn/
-
CVE-2023-33308 Critical Remote Code Execution (RCE) on FortiOS/FortiProxy
by
in SecurityNewsWritten by Eric Dodge and Harish Segar of the Kudelski Security Threat Detection & Research Team Summary Fortinet recently disclosed a critical bu… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/07/13/cve-2023-33308-critical-remote-code-execution-rce-on-fortios-fortiproxy/
-
CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability
by
in SecurityNewsWritten by Yann Lehmann and Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On July 11th, Microsoft disclosed a rem… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/07/14/cve-2023-36884-office-and-windows-html-remote-code-execution-vulnerability/
-
F5 BIG-IP Unauthenticated RCE via HTTP Request Smuggling
by
in SecurityNewsWritten by Scott Emerson of the Kudelski Security Threat Detection & Research Team Summary Researchers at Praetorian have discovered a request smu… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/10/27/f5-big-ip-unauthenticated-rce-via-http-request-smuggling/
-
CVE-2023-46604 Apache ActiveMQ RCE vulnerability
by
in SecurityNewsWritten by Joshua Cartlidge of the Kudelski Security Threat Detection & Research Team Summary On October 25, 2023, Apache disclosed an ActiveMQ Re… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/11/03/cve-2023-46604-apache-activemq-rce-vulnerability/
-
Ivanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time
by
in SecurityNewsWritten by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by Yann Lehmann) Summary Ivanti Connect Secure (ICS) and … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/01/11/ivanti-connect-secure-policy-secure-cve-2023-46805-cve-2024-21887-combine-for-unauthenticated-rce/
-
Remote Code Execution in OpenSSH’s Server (CVE-2024-6387) regreSSHion
by
in SecurityNewsSummary A critical vulnerability (CVE-2024-6387) named regreSSHion has been discovered in OpenSSH’s server (sshd), which allows for remote code execut… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/07/01/remote-code-execution-in-opensshs-server-cve-2024-6387-regresshion/
-
Splunk Enterprise Multiple Vulnerabilities for RCE
by
in SecurityNewsSummary Splunk has disclosed several high-severity vulnerabilities in Splunk Enterprise and Splunk Cloud Platform, which allowattackers to execute rem… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/16/splunk-enterprise-multiple-vulnerabilities-for-rce/
-
FortiManager Critical CVE-2024-47575 >>FortiJump<< Allows RCE
by
in SecurityNewsSummary On October 23, 2024, Fortinet published an advisory for CVE-2024-47575, a critical-severity zero day affecting FortiManager. Missing authentic… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/25/fortimanager-critical-cve-2024-47575-fortijump-allows-rce/
-
Blind SSRF to RCE Vulnerability Exploitation
by
in SecurityNewsFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/blind-ssrf-to-rce-vulnerability-exploitation
-
Apache Fixes OFBiz Remote Code Execution Flaw
by
in SecurityNewsFirst seen on duo.com Jump to article: duo.com/decipher/apache-fixes-ofbiz-remote-code-execution-flaw
-
CVE-2024-3094: Malicious Code in XZ Utils Enables RCE on Linux Systems
by
in SecurityNewsA recent analysis has revealed that the malicious code embedded in the widely-used open-source library XZ Utils (present in multiple Linux distros) ca… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-3094-xz-utils-linux/
-
‘Tis the season for website cloning tools, RCEs and AI phishing lures
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/tis-the-season-for-website-cloning-tools-rces-and-ai-phishing-lures