Veeam Service Provider Console Multiple Security Vulnerabilities (CVE-2024-42448 & CVE-2024-42449)

Veeam Service Provider Console is vulnerable to two security flaws tracked as CVE-2024-42448 and CVE-2024-42449. Both vulnerabilities were discovered during internal testing at Veeam. Successful exploitation of the vulnerabilities may allow an attacker to execute arbitrary code or leak the NTLM hash of the VSPC server service account and delete files on the VSPC …

Progress WhatsUp Gold Remote Code Execution Vulnerability (CVE-2024-8785)

Progress WhatsUp Gold is vulnerable to a critical severity flaw that may allow an attacker to execute remote code on the affected system. Tracked as CVE-2024-8785, the vulnerability has a CVSS score of 9.8. The PoC exploit code for the vulnerability has been made public by the security researchers who discovered the vulnerability.

Zyxel Firewall Directory Traversal Vulnerability Exploited in Ransomware Attack (CVE-2024-11667)

Zyxel Firewall is vulnerable to a critical vulnerability being used in recent cyberattacks. Tracked as CVE-2024-11667, the flaw has been used to deploy the dangerous Helldown ransomware. The German CERT (CERT-Bund) has issued details on the severity of these attacks and the immediate steps that organizations must take to protect their network devices. CVE-2024-11667 is a …

Zabbix Server Critical SQL Injection Vulnerability (CVE-2024-42327)

Zabbix server is vulnerable to a critical severity flaw tracked as CVE-2024-42327. The vulnerability has a CVSS score of 9.9. Successful exploitation of the vulnerability may allow attackers to escalate privileges and gain complete control of vulnerable Zabbix servers.

ProjectSend Improper Authorization Vulnerability Under Active Exploitation (CVE-2024-11680)

Attackers are exploiting a critical vulnerability in ProjectSend. Tracked as CVE-2024-11680, the flaw has a CVSS score of 9.8. Successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to modify the application’s configurations and lead to code execution. As per VulnCheck, “The project is moderately popular, with almost 1,500 GitHub stars and more than 4,000 …

WordPress Releases Fix for Critical Vulnerability Impacting Anti-Spam Plugin (CVE-2024-10542)

The Spam Protection, Anti-Spam, and FireWall by CleanTalk plugin for WordPress is vulnerable to two security vulnerabilities tracked as CVE-2024-10542 and CVE-2024-10781. Successful exploitation of the vulnerabilities may allow an unauthenticated attacker to install and enable malicious plugins on vulnerable sites, ultimately leading to remote code execution.

CISA Warns Organizations to Patch Array Networks Remote Code Execution Vulnerability (CVE-2023-28461)

CISA added the Array Networks vulnerability, tracked as CVE-2023-28461, to the Known Exploited Vulnerabilities Catalog, acknowledging its active exploitation. CISA urged users to patch the vulnerability before December 16, 2024. Successful exploitation of the vulnerability may allow an unauthenticated attacker to execute arbitrary code on the target system. The ArrayOS is a purpose-built and customized operating …

Apple Releases Fixes for Actively Exploited Zero-day Vulnerabilities (CVE-2024-44308 & CVE-2024-44309)

Apple Safari, macOS Sequoia, iOS, and iPadOS are vulnerable to two security flaws being exploited in the wild. In the advisory, Apple mentioned that they are aware of a report that the vulnerabilities have been actively exploited on Intel-based Mac systems. Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group discovered both CVE-2024-44308 and …

CISA Added Palo Alto Networks Firewall Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-0012 & CVE-2024-9474)

CISA warns about two vulnerabilities being actively exploited, tracked as CVE-2024-0012 and CVE-2024-9474. Both vulnerabilities exist in the PAN-OS web management interface. CISA urged users to patch the vulnerabilities before December 9, 2024. Palo Alto mentioned in the advisory that they know about threat activity that exploits this vulnerability against a limited number of management …

Ivanti Releases Fixes for Multiple Vulnerabilities Impacting Connect Secure, Policy Secure, and Secure Access Client

Ivanti Connect Secure, Policy Secure, and Secure Access Client are vulnerable to 25 security vulnerabilities. Out of these 25, eight are rated as critical, 13 as high, and four as medium. Ivanti mentioned in the advisory that it had no knowledge of any customers being exploited through these vulnerabilities prior to public disclosure.