Ivanti has addressed multiple critical and high severity vulnerabilities in its security advisory. Ivanti addressed 16 vulnerabilities impacting the Ivanti Endpoint Manager (EPM). Successful exploitation of the vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code, elevation of privileges, and denial of service. Ivanti mentioned in the advisory that there is no proof of … Continue reading “Ivanti Released Updates for Ivanti Endpoint Manager (EPM)”
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability Exploited in Attacks (CVE-2024-55591)
Fortinet released a security advisory to address a zero-day vulnerability tracked as CVE-2024-55591. The vulnerability has a critical severity rating with a CVSS score of 9.6. Successful exploitation of the vulnerability may allow a remote attacker to gain super-admin privileges via crafted requests to the Node.js websocket module. Fortinet mentioned in the advisory that the authentication … Continue reading “Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability Exploited in Attacks (CVE-2024-55591)”
Microsoft Patch Tuesday, January 2025 Security Update Review
Happy New Year! As the calendar turns to January 2025, Microsoft’s first Patch Tuesday of 2025 has arrived. From zero-days to critical vulnerabilities, here’s what deserves your attention. Here’s a breakdown of what’s been patched. Microsoft Patch’s Tuesday, January 2025 edition addressed 159 vulnerabilities, including 10 critical and 149 important severity vulnerabilities. In this month’s … Continue reading “Microsoft Patch Tuesday, January 2025 Security Update Review”
Ivanti Zero-day Vulnerability Impacts Connect Secure and Policy Secure (CVE-2025-0282)
Ivanti released a security advisory to address critical and high severity vulnerabilities on January 8, 2025. Tracked as CVE-2024-0282 and CVE-2025-0283, the vulnerabilities may allow remote unauthenticated attackers to achieve remote code execution or local authenticated attackers to escalate their privileges on a targeted system. Ivanti mentioned in the advisory that “a limited number of customers … Continue reading “Ivanti Zero-day Vulnerability Impacts Connect Secure and Policy Secure (CVE-2025-0282)”
CISA Warns of Mitel MiCollab Vulnerabilities Active Exploitation (CVE-2024-41713 & CVE-2024-55550)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) updates its Known Exploited Vulnerabilities Catalog by adding two Mitel MiCollab vulnerabilities. Tracked as CVE-2024-41713 and CVE-2024-55550, the vulnerabilities may allow a remote unauthenticated attacker to bypass authentication and view/modify sensitive data. CVE-2024-41713 could be chained with CVE-2024-55550 to allow an unauthenticated, remote attacker to read arbitrary … Continue reading “CISA Warns of Mitel MiCollab Vulnerabilities Active Exploitation (CVE-2024-41713 & CVE-2024-55550)”
WordPress UpdraftPlus Plugin Vulnerability Impacts Millions of Websites (CVE-2024-10957)
WordPress UpdraftPlus plugin is vulnerable to a high-severity PHP object injection vulnerability. Tracked as CVE-2024-10957, the vulnerability may allow an unauthenticated attacker to delete arbitrary files, retrieve sensitive data, or execute code. According to WordPress, more than 3 million websites worldwide use the plugin.
Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393)
Palo Alto released a security advisory to address an actively exploited vulnerability, tracked as CVE-2024-3393. The vulnerability impacts Palo Alto Networks software (PAN-OS). Successful exploitation of the vulnerability may lead to a Denial of Service (DoS) attack. “Palo Alto Networks is aware of customers experiencing this Denial of Service (DoS) when their firewall blocks malicious … Continue reading “Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393)”
Apache Patches Critical Remote Code Execution Vulnerability in Tomcat Server (CVE-2024-56337)
Apache released a security advisory to address a critical vulnerability in the Tomcat server. Tracked as CVE-2024-56337, the vulnerability may allow an attacker to perform remote code execution on vulnerable servers.
Adobe ColdFusion Arbitrary File System Read Vulnerability (CVE-2024-53961)
Adobe released a security advisory to address a critical severity vulnerability impacting ColdFusion. Tracked as CVE-2024-53961, the vulnerability may allow attackers to read arbitrary files on vulnerable servers. The vulnerability originates from a path traversal flaw that may lead to providing unauthorized access to attackers and data exposure.
Sophos Patches Multiple Vulnerabilities in Firewall (CVE-2024-12727, CVE-2024-12728, & CVE-2024-12729)
Sophos released a security advisory to address three vulnerabilities impacting Sophos Firewall products. Tracked as CVE-2024-12727, CVE-2024-12728, & CVE-2024-12729, the vulnerabilities may lead to remote code execution and information disclosure.
