ManageEngine ADAudit Plus is a security, auditing, and compliance solution for Windows. For Active Directory, Azure AD, file servers, Windows servers, and workstations, key features include thorough login auditing, detailed change tracking, real-time risk alerting, and automated compliance reporting. Endpoints in ManageEngine ADAudit Plus are vulnerable and can allow an unauthenticated attacker to take … Continue reading “Zoho ManageEngine ADAudit Plus Unauthenticated Remote Code Execution Vulnerability (CVE-2022-28219)”
Author: Diksha Ojha
Multiple Vulnerabilities Patched in Popular VMware Products
On Wednesday, VMware issued a security advisory (VMSA-2022-0011) to inform customers of significant vulnerabilities in numerous products. Threat actors could exploit these vulnerabilities to carry out remote code execution attacks. VMware products impacted by these vulnerabilities include: VMware Cloud Foundation vRealize Suite Lifecycle Manager VMware Identity Manager (vIDM) VMware vRealize Automation (vRA) VMware Workspace … Continue reading “Multiple Vulnerabilities Patched in Popular VMware Products”
Apple Releases Emergency Updates for Two Zero-Day Vulnerabilities (CVE-2022-22674 & CVE-2022-22675)
Apple has released security updates to patch two zero-day vulnerabilities (CVE-2022-22674 and CVE-2022-22675) exploited by attackers to hack iPhones, iPads, and Macs. Apple revealed active exploitation in the wild but did not provide any other information about the attacks. Withholding this information should allow security patches to reach as many iPhones, iPads, and Macs … Continue reading “Apple Releases Emergency Updates for Two Zero-Day Vulnerabilities (CVE-2022-22674 & CVE-2022-22675)”
Spring Cloud Function Remote Code Execution Vulnerability (Spring4Shell) (CVE-2022-22963)
Spring Cloud is an open-source microservices framework that consists of a set of ready-to-use components for developing different business applications. It’s extensively used across industries by a variety of businesses, and it comes pre-integrated with components from a variety of app providers. A high-severity remote code execution vulnerability (CVE-2022-22963) has been discovered in Spring Cloud … Continue reading “Spring Cloud Function Remote Code Execution Vulnerability (Spring4Shell) (CVE-2022-22963)”
Spring Framework Zero-Day Remote Code Execution (Spring4Shell) Vulnerability
Update: On March 31, Spring provided official confirmation and CVE-2022-22965 is now assigned to this vulnerability. Qualys Research Team has released QIDs as of March 30 and will keep updating those QIDs as new information is available. On March 30, a new zero-day Remote Code Execution (RCE) vulnerability, “Spring4Shell” or “SpringShell” was disclosed in the Spring framework. An … Continue reading “Spring Framework Zero-Day Remote Code Execution (Spring4Shell) Vulnerability”
Sophos Firewall Remote Code Execution Vulnerability (CVE-2022-1040)
Sophos has released an update to address a critical authentication bypass vulnerability (CVE-2022-1040) in Sophos Firewall. Successful exploitation of this vulnerability can lead to remote code execution. The vulnerability exists in the User Portal and Webadmin of Sophos Firewall. A remote attacker who gains access to the Firewall’s User Portal or the Webadmin interface … Continue reading “Sophos Firewall Remote Code Execution Vulnerability (CVE-2022-1040)”
Google Chrome Releases Fix to Address Zero-day Vulnerability – CVE-2022-1096
Google has released an emergency update to address a high-severity zero-day vulnerability – CVE-2022-109). The vulnerability, reported by an anonymous security researcher, is said to be exploited in the wild. This zero-day vulnerability is a type-confusion flaw in the Chrome V8 JavaScript engine. A type-confusion error arises when a resource (e.g., a variable or … Continue reading “Google Chrome Releases Fix to Address Zero-day Vulnerability – CVE-2022-1096”
Node-IPC NPM Package Embedded Malicious Code Vulnerability (CVE-2022-23812)
Users of the popular Vue.js frontend JavaScript framework experienced a supply chain attack on the npm ecosystem recently. The nested dependencies Node-IPC and peacenotwar were sabotaged as a protest by the maintainer of the Node-IPC package. Regardless of the peace-not-war slogan, node-ipc is now being identified as a malicious package, including malicious code that … Continue reading “Node-IPC NPM Package Embedded Malicious Code Vulnerability (CVE-2022-23812)”
Microsoft Patches 92 Vulnerabilities in March 2022 Patch Tuesday including 3 Zero-days
Microsoft has released security fixes for several vulnerabilities including patches for zero-day vulnerabilities in its March 2022 Patch Tuesday. Microsoft addresses 92 vulnerabilities in their March 2022 Patch Tuesday release. Out of these 92 vulnerabilities, three (3) are rated as critical. The release also includes fixes for three (3) publicly disclosed zero-day vulnerabilities. As of … Continue reading “Microsoft Patches 92 Vulnerabilities in March 2022 Patch Tuesday including 3 Zero-days”
New Linux Elevation of Privilege Vulnerability Exploited in the Wild (Dirty Pipe) (CVE-2022-0847)
Linux has been exploited by a highly severe vulnerability (CVE-2022-0847) that is being called ‘Dirty Pipe’. This vulnerability can allow local users to gain root privileges through publicly available exploits and is considered one of the most significant Linux security vulnerabilities that have been discovered since 2016 when another high-severity and easy-to-exploit Linux bug (dubbed … Continue reading “New Linux Elevation of Privilege Vulnerability Exploited in the Wild (Dirty Pipe) (CVE-2022-0847)”
