Security researchers have discovered an unpatched Windows OS security vulnerability that could allow information disclosure and local privilege escalation (LPE). The flaw (CVE-2021-24084) has yet to be officially fixed, making it an important vulnerability. However, an unofficial patch has been released as a workaround. The vulnerability affects the Windows Mobile Device Management component, and it could allow unauthorized access to the filesystem and the reading of arbitrary data. … Continue reading “Unpatched Information Disclosure Vulnerability affects Microsoft Windows (zero-day) (CVE-2021-24084)”
Author: Diksha Ojha
Microsoft’s New Zero-day Windows Local Privilege Escalation Vulnerability (CVE-2021-41379)
Attackers are actively exploiting a zero-day vulnerability in Windows Installer. The vulnerability was found after a Microsoft patch for another security weakness failed to adequately repair the initial and unrelated bug. A security researcher found this Windows Installer Elevation of Privilege vulnerability termed as CVE-2021-41379. The vulnerability allows threat actors with limited access to a compromised device to elevate … Continue reading “Microsoft’s New Zero-day Windows Local Privilege Escalation Vulnerability (CVE-2021-41379)”
CISA has released an alert for the Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability exploited by APT actors (CVE-2021-40539)
CISA has released a joint advisory regarding the recently exploited vulnerability in Zoho’s ManageEngine ADSelfService Plus. The advisory urges users to upgrade their tools, as APT attackers are aggressively exploiting a recently identified vulnerability. The FBI, the United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) collaborated on this joint advisory to highlight the cyber threat … Continue reading “CISA has released an alert for the Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability exploited by APT actors (CVE-2021-40539)”
WordPress Plugin Starter Templates Stored Cross-Site Scripting (XSS) Vulnerability Impacts Over Million Sites (CVE-2021-42360)
Astra Theme’s WordPress plugin fixed an XSS vulnerability that could lead to total site takeover and attacks on visitors. A vulnerability in the Starter Templates – Elementor, Gutenberg, and Beaver Builder Templates plugin can allow contributor-level users to entirely replace any page on the site and implant malicious JavaScript at any time. This vulnerability was first discovered … Continue reading “WordPress Plugin Starter Templates Stored Cross-Site Scripting (XSS) Vulnerability Impacts Over Million Sites (CVE-2021-42360)”
Palo Alto Networks PAN-OS GlobalProtect Portal and Gateway Interfaces Memory Corruption Vulnerability (CVE-2021-3064)
Palo Alto Networks (PAN) released an update addressing the vulnerability CVE-2021-3064. This vulnerability was discovered and disclosed by Randori. This vulnerability affects PAN firewalls that use the GlobalProtect Portal VPN. This VPN allows for unauthenticated remote code execution on susceptible product installations. The zero-day vulnerability has a severity rating of 9.8. The vulnerability chain … Continue reading “Palo Alto Networks PAN-OS GlobalProtect Portal and Gateway Interfaces Memory Corruption Vulnerability (CVE-2021-3064)”
Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability (CVE-2021-42321)
Microsoft has released a patch for a highly severe Exchange Server vulnerability in its November 2021 Patch Tuesday. This vulnerability can allow authenticated attackers to execute codes remotely on vulnerable servers. The CVE-2021-42321 security issue is caused by inappropriate validation of command-let (cmdlet) parameters. To execute this vulnerability, the attacker needs to be authenticated. This vulnerability only affects on-premises Microsoft Exchange servers, including those used by users in Exchange Hybrid … Continue reading “Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability (CVE-2021-42321)”
GitLab Unauthenticated Remote Code Execution Vulnerability (CVE-2021-22205)
GitLab is a web-based DevOps lifecycle solution built by GitLab Inc. providing unrivaled insight and productivity across the DevOps lifecycle in a single application. GitLab has released an update for a significant remote code execution (RCE) vulnerability (CVE-2021-22205) in GitLab’s web interface. This vulnerability has been regularly exploited in the wild and has caused a vast … Continue reading “GitLab Unauthenticated Remote Code Execution Vulnerability (CVE-2021-22205)”
Google Chrome releases emergency updates to address two zero-day vulnerabilities (CVE-2021-38000 and CVE-2021-38003)
Google released an emergency update for its Chrome web browser on Thursday. According to the company, this update includes fixes for two zero-day vulnerabilities (CVE-2021-38000 and CVE-2021-38003) that are being actively exploited in the wild. The new 95.0.4638.69 version is available for Windows, Mac, and Linux and addresses seven vulnerabilities, including these two zero-days. “Google is aware that exploits for CVE-2021-38000 and … Continue reading “Google Chrome releases emergency updates to address two zero-day vulnerabilities (CVE-2021-38000 and CVE-2021-38003)”
Update your devices with Apple’s latest security patches
Apple has been focusing on the security of its devices. One of the most critical actions to keep your Apple product secure is to keep its software up-to-date. Apple has rolled out security updates to older iPhones, iPads, Apple TV, and Watch series. The update consists of: tvOS is 15.1. watchOS is 8.1. macOS is 12.0.1. iOS and iPadOS is 15.1. iOS 14.8.1 and iPadOS 14.8.1 Apple published iOS … Continue reading “Update your devices with Apple’s latest security patches”
Apache mod_proxy Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
The Apache HTTP Server Project is a group of people working together to create and maintain an open-source, software-based HTTP server for modern operating systems such as UNIX and Windows. This technology is considered among the most widely used web servers on the internet. A Server-Side Request Forgery (SSRF) vulnerability (CVE-2021-40438) has been identified in Apache HTTP Server versions 2.4.48 and older. The vulnerability … Continue reading “Apache mod_proxy Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)”