Tag: vulnerability

Dirty Pipe Linux Kernel Local Privilege Escalation (LPE) Vulnerability (CVE-2022-0847)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, linux, vulnerability

Summary CVE-2022-0847 was disclosed on March 7th and since has been named Dirty Pipe. This linuxkernel vulnerability is caused by improperly handling … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/04/04/dirty-pipe-linux-kernel-local-privilege-escalation-lpe-vulnerability-cve-2022-0847/
Spring4Shell A Deep Understanding (CVE-202222965)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: remote-code-execution, vulnerability

(this blog-post was initially published by our colleague Mouad Kondah on Medium) On March 29, 2022, a critical Remote Code Execution vulnerability CVE… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/04/05/spring4shell-a-deep-understanding-cve-2022-22965/
Active Directory Domain Services Elevation of Privilege Vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: detection, service, threat, update, vulnerability

This bulletin was written by Michal Nowakowski of the Kudelski Security Threat Detection & Research Team Update June 1st, 2022, 1830h UTC (2.30PM … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/05/16/active-directory-domain-services-elevation-of-privilege-vulnerability/
>>Follina<< (CVE-2022-30190): Microsoft Support Diagnostic Tool 0-Day Vulnerability Being Actively Exploited

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: detection, exploit, microsoft, threat, tool, vulnerability, zero-day

This bulletin was written by Michal Nowakowski of the Kudelski Security Threat Detection & Research Team Summary On May 27th, 2022, threat researc… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/05/31/follina-cve-2022-30190-microsoft-support-diagnostic-tool-0-day-vulnerability-being-actively-exploited/
>>SynLapse<< Azure Synapse Pipeline and Data Factory Vulnerability (CVE-2022-29972)ï¿¼

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: data, detection, microsoft, threat, vulnerability

This bulletin was written by Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary Microsoft has recently mitigated a vulne… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/06/15/synlapse-azure-synapse-pipeline-and-data-factory-vulnerability-cve-2022-29972/
High Severity VMware Vulnerabilities Under Active Exploitationï¿¼

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: detection, threat, vmware, vulnerability

This bulletin was written by Travis Holland and Eric Dodge of the Kudelski Security Threat Detection & Research Team Executive Summary On May 18th… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/05/20/high-severity-vmware-vulnerabilities-under-active-exploitation%ef%bf%bc/
Critical VMware Authentication Bypass and RCE Vulnerabilities: CVE-2022-31656 and CVE-2022-31659

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: authentication, cve, exploit, rce, remote-code-execution, update, vmware, vulnerability

Proof-of-Concept (PoC) exploit recently released by security researchers. VMware recommends patching affected systems immediately. Executive Summary O… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/08/10/critical-vmware-authentication-bypass-and-rce-vulnerabilities-cve-2022-31656-and-cve-2022-31659/
OpenSSL 3 Buffer overflow vulnerabilities: CVE-2022-3786 and CVE-2022-3602

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, threat, vulnerability

Note: This Bulletin was contributed to by Kudelski Security’s Threat Detection & Research Team. Specifically Mark Stueck. Executive Summary On the… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/11/01/openssl-3-buffer-overflow-vulnerabilities-cve-2022-3786-and-cve-2022-3602/
Critical Severity Buffer Overflow 0-Day Vulnerability in Fortinet SSL-VPN Under Active Exploitation (CVE-2022- 42475)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: detection, exploit, fortinet, threat, vpn, vulnerability, zero-day

This bulletin was authored by Mark Stueck of the Kudelski Security Threat Detection & Research Team. Summary On December 12th, 2022, Fortinet disc… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/12/bulletin-critical-severity-buffer-overflow-0-day-vulnerability-in-fortinet-ssl-vpn-under-active-exploitation-cve-2022-42475/
SPNEGO NEGOEX: Critical Pre-Authentication RCE Vulnerability in Modern Microsoft Windows Operating Systems (CVE-2022-37958)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: authentication, detection, microsoft, rce, remote-code-execution, threat, vulnerability, windows

Written by Mark Stueck of the Kudelski Security Threat Detection & Research Team Summary On Tuesday, December 13th, Microsoft reclassified a previ… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/14/advisory-spnego-negoex-critical-pre-authentication-rce-vulnerability-in-modern-microsoft-windows-operating-systems-cve-2022-37958/
Active exploitation of Citrix ADC and Gateway Critical Remote Code Execution Vulnerability by Suspected Chinese APT5 (CVE-2022-27518)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: china, citrix, detection, exploit, remote-code-execution, threat, vulnerability

Written by Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On December 13, 2022, The U.S. National Security Agency … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/15/advisory-active-exploitation-of-citrix-adc-and-gateway-critical-remote-code-execution-vulnerability-by-suspected-chinese-apt5/
Linux Kernel ksmbd Remote Code Execution Vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: detection, linux, remote-code-execution, threat, vulnerability, zero-day

Note: This bulletin was written by Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary The Zero Day Initiative (ZDI) rece… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/22/bulletin-linux-kernel-ksmbd-remote-code-execution-vulnerability/
CVE-2023-23397 Microsoft Outlook Privilege Elevation Critical Vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, microsoft, threat, vulnerability

Written by Lina JimÃ©nez Becerra, Anton Jörgensson and Mark Stueck of the Kudelski Security Threat Detection & Research Team CVE-2023-23397: Abili… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/03/15/cve-2023-23397-microsoft-outlook-privilege-elevation-critical-vulnerability/
CVE-2023-27532 Veeam Backup Replication Vulnerability Exposes Stored Credentials, No Auth Necessary

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: access, backup, credentials, cve, detection, threat, veeam, vulnerability

Written by Mark Stueck and Scott Emersonof the Kudelski Security Threat Detection & Research Team CVE-2023-27532: Unauthenticated Access to Cleart… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/03/10/cve-2023-27532-veeam-backup-amp-replication-vulnerability-exposes-stored-credentials-no-auth-necessary/
CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, detection, microsoft, office, remote-code-execution, threat, vulnerability, windows

Written by Yann Lehmann and Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On July 11th, Microsoft disclosed a rem… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/07/14/cve-2023-36884-office-and-windows-html-remote-code-execution-vulnerability/
VMware vCenter Server OutBounds Write Vulnerability (CVE-2023-34048)

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: detection, threat, vcenter, vmware, vulnerability

Written by Yann Lehmann with the support of Scott Emerson of the Kudelski Security Threat Detection & Research Team Summary VMware has released se… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/10/25/vmware-vcenter-server-out-of-bounds-write-vulnerability-cve-2023-34048/
Image I/O WebP/libwebp Zero-Day Vulnerabilities

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: detection, threat, vulnerability, zero-day

Google/Heap Buffer Overflow Vulnerability in WebP (CVE-2023-4863) Written by Michal Nowakowski of the Kudelski Security Threat Detection & Researc… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/09/29/image-i-o-webp-libwebp-zero-day-vulnerabilities/
CVE-2023-46604 Apache ActiveMQ RCE vulnerability

Dec 1, 2024 2:19 AM

by

Andy Stern

in SecurityNews

Tags: apache, cve, detection, rce, remote-code-execution, threat, vulnerability

Written by Joshua Cartlidge of the Kudelski Security Threat Detection & Research Team Summary On October 25, 2023, Apache disclosed an ActiveMQ Re… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/11/03/cve-2023-46604-apache-activemq-rce-vulnerability/
The KyberSlash vulnerability and the crystals-go library: A retrospective story

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: open-source, security-incident, vulnerability

Introduction In this blog post we are going to talk about a security incident which involved an open-source library developed by a student working on
Critical Authentication Bypass in Juniper Session Smart Router CVE-2024-2973

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: authentication, cve, network, router, vulnerability

Summary Juniper Networks has issued an out-of-cycle security bulletin to address a critical vulnerability (CVE-2024-2973) thataffects Session Smart Ro… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/07/01/critical-authentication-bypass-in-juniper-session-smart-router-cve20242973/
Remote Code Execution in OpenSSH’s Server (CVE-2024-6387) regreSSHion

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: remote-code-execution, vulnerability

Summary A critical vulnerability (CVE-2024-6387) named regreSSHion has been discovered in OpenSSH’s server (sshd), which allows for remote code execut… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/07/01/remote-code-execution-in-opensshs-server-cve-2024-6387-regresshion/
Critical VMware vCenter Server Patch VMSA20240019

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: advisory, update, vcenter, vmware, vulnerability

Summary VMware has released a critical security advisory (VMSA-2024-0019) that addresses two serious vulnerabilities found in its vCenter Server and V… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/09/18/critical-vmware-vcenter-server-patch-vmsa20240019/
Careful Where You Code: Multiple Vulnerabilities in AI-Powered PR-Agent

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: ai, LLM, software, vulnerability

Introduction There is a push to use LLMs in all aspects of software engineering, far beyond merely generating code snippets. This push includes integr… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/08/29/careful-where-you-code-multiple-vulnerabilities-in-ai-powered-pr-agent/
Critical Security Updates for Palo Alto Networks: CVE-2024-5910 CVE-2024-3596

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, flaw, network, update, vulnerability

Summary Palo Alto Networks has released critical security updates addressing several vulnerabilities, including a high-severity flaw in the Expedition… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/07/15/critical-security-updates-for-palo-alto-networks-cve-2024-5910-cve-2024-3596/
Security Advisory: CVE-2024-45519

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: advisory, cve, email, service, vulnerability

Summary CVE-2024-45519 is a critical security vulnerability discovered in the postjournal service of Zimbra Collaboration Suite, a popular email and c… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/02/security-advisory-cve-2024-45519/
Kubernetes Image Builder Vulnerabilities

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, kubernetes, vulnerability

Summary Recently released were two vulnerabilities, CVE-2024-9486 (CVSS 9.8) and CVE-2024-9594 (CVSS 6.3), that impact the Kubernetes Image Builder. T… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/17/kubernetes-image-builder-vulnerabilities/
Splunk Enterprise Multiple Vulnerabilities for RCE

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cloud, rce, remote-code-execution, vulnerability

Summary Splunk has disclosed several high-severity vulnerabilities in Splunk Enterprise and Splunk Cloud Platform, which allowattackers to execute rem… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/16/splunk-enterprise-multiple-vulnerabilities-for-rce/
Blind SSRF to RCE Vulnerability Exploitation

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: exploit, rce, remote-code-execution, vulnerability

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/blind-ssrf-to-rce-vulnerability-exploitation
regreSSHion Vulnerability: CVE-2024-6387 in OpenSSH

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, vulnerability

id=introduction>Introduction OpenSSH stands as a cornerstone for secure remote administration. However, recent findings have found a vulnerability… First seen on thefinalhop.com Jump to article: www.thefinalhop.com/regresshion-vulnerability-cve-2024-6387-in-openssh/
Vulnerabilities in E-Commerce Solutions – Hunting on Big Apples

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: apple, vulnerability

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/vulnerabilities-in-e-commerce-solutions-hunting-on-big-apples