Following the release of a proof-of-concept (PoC) tool on December 12, Microsoft is advising users to repair two security vulnerabilities (tracked as CVE-2021-42287 and CVE-2021-42278) in Active Directory domain controllers that it addressed in November. Both flaws are categorized as “Windows Active Directory domain service privilege-escalation” flaws with a CVSS criticality score of 7.5 out of … Continue reading “Microsoft Active Directory Domain Services (AD DS) Privilege Escalation Vulnerability (CVE-2021-42278 & CVE-2021-42287)”
Author: Diksha Ojha
Apache Releases Security Update for HTTP Server 2.4 to Address Two Vulnerabilities (CVE-2021-44790 & CVE-2021-44224)
Apache, the open-source software foundation behind the Log4j logging library that has been the subject of so many Log4Shell headlines, released an update to correct two vulnerabilities in HTTPD, a web server that ranks right up there with Log4j in terms of ubiquity. These recently discovered vulnerabilities (CVE-2021-44790 & CVE-2021-44224) allow attackers to cause a … Continue reading “Apache Releases Security Update for HTTP Server 2.4 to Address Two Vulnerabilities (CVE-2021-44790 & CVE-2021-44224)”
Apache Log4j2 Zero-day Remote Code Execution Vulnerability Exploited in the Wild (CVE-2021-44228)
A remote code execution vulnerability in Apache Log4j2 was discovered on the Internet on December 9, 2021, and is actively being exploited in the wild. In Apache Log4j2, attackers can create customized requests to execute remote code. Users are recommended to examine related vulnerabilities as soon as possible due to the wide spectrum of impact … Continue reading “Apache Log4j2 Zero-day Remote Code Execution Vulnerability Exploited in the Wild (CVE-2021-44228)”
Grafana Releases Fix for Zero-day Vulnerability Exploited in the Wild (CVE-2021-43798)
Grafana Labs released an emergency security upgrade to fix a zero-day flaw that permitted remote access to local files. Security researchers released proof-of-concept code to exploit the flaw over the weekend. Before Grafana Labs gave out patches for affected versions 8.0.0-beta1 through 8.3.0, details regarding the issue became public earlier this week. Tracked as CVE-2021-43798, this is … Continue reading “Grafana Releases Fix for Zero-day Vulnerability Exploited in the Wild (CVE-2021-43798)”
Zoho ManageEngine Desktop Central and Desktop Central MSP Authentication Bypass Vulnerability (CVE-2021-44515)
Malicious actors are actively exploiting a recently patched critical vulnerability in Zoho’s Desktop Central and Desktop Central MSP products. This is the third time in the last four months that a security vulnerability in one of its products has been exploited in the wild. Tracked as CVE-2021-44515, this is an authentication bypass vulnerability in ManageEngine … Continue reading “Zoho ManageEngine Desktop Central and Desktop Central MSP Authentication Bypass Vulnerability (CVE-2021-44515)”
Zoho ManageEngine ServiceDesk Plus and SupportCenter Plus Unauthenticated Remote Code Execution Vulnerability (CVE-2021-44077)
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned users of a newly patched issue in Zoho’s ManageEngine ServiceDesk Plus and SupportCenter Plus that can be used to drop web– shells leading to remote code execution. CVE-2021-44077 is an unauthenticated remote code execution vulnerability that affects older versions of ServiceDesk Plus and SupportCenter Plus. Zoho ManageEngine ServiceDesk Plus remote code execution vulnerability ManageEngine ServiceDesk … Continue reading “Zoho ManageEngine ServiceDesk Plus and SupportCenter Plus Unauthenticated Remote Code Execution Vulnerability (CVE-2021-44077)”
Unpatched Information Disclosure Vulnerability affects Microsoft Windows (zero-day) (CVE-2021-24084)
Security researchers have discovered an unpatched Windows OS security vulnerability that could allow information disclosure and local privilege escalation (LPE). The flaw (CVE-2021-24084) has yet to be officially fixed, making it an important vulnerability. However, an unofficial patch has been released as a workaround. The vulnerability affects the Windows Mobile Device Management component, and it could allow unauthorized access to the filesystem and the reading of arbitrary data. … Continue reading “Unpatched Information Disclosure Vulnerability affects Microsoft Windows (zero-day) (CVE-2021-24084)”
Microsoft’s New Zero-day Windows Local Privilege Escalation Vulnerability (CVE-2021-41379)
Attackers are actively exploiting a zero-day vulnerability in Windows Installer. The vulnerability was found after a Microsoft patch for another security weakness failed to adequately repair the initial and unrelated bug. A security researcher found this Windows Installer Elevation of Privilege vulnerability termed as CVE-2021-41379. The vulnerability allows threat actors with limited access to a compromised device to elevate … Continue reading “Microsoft’s New Zero-day Windows Local Privilege Escalation Vulnerability (CVE-2021-41379)”
CISA has released an alert for the Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability exploited by APT actors (CVE-2021-40539)
CISA has released a joint advisory regarding the recently exploited vulnerability in Zoho’s ManageEngine ADSelfService Plus. The advisory urges users to upgrade their tools, as APT attackers are aggressively exploiting a recently identified vulnerability. The FBI, the United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) collaborated on this joint advisory to highlight the cyber threat … Continue reading “CISA has released an alert for the Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability exploited by APT actors (CVE-2021-40539)”
WordPress Plugin Starter Templates Stored Cross-Site Scripting (XSS) Vulnerability Impacts Over Million Sites (CVE-2021-42360)
Astra Theme’s WordPress plugin fixed an XSS vulnerability that could lead to total site takeover and attacks on visitors. A vulnerability in the Starter Templates – Elementor, Gutenberg, and Beaver Builder Templates plugin can allow contributor-level users to entirely replace any page on the site and implant malicious JavaScript at any time. This vulnerability was first discovered … Continue reading “WordPress Plugin Starter Templates Stored Cross-Site Scripting (XSS) Vulnerability Impacts Over Million Sites (CVE-2021-42360)”