Ivanti Connect Secure (ICS) and Ivanti Policy Secure Gateway Vulnerabilities Exploited in the Wild (CVE-2023-46805 & CVE-2024-21887)
The security research team at Volexity identified active exploitation of two vulnerabilities (CVE-2023-46805 & CVE-2024-21887) impacting Ivanti Connect Secure VPN devices. When chained together, the vulnerabilities may allow attackers to transmit malicious requests and execute arbitrary commands on a targeted system. According to the research, a Chinese nation-state-level threat actor has exploited the vulnerabilities. …
Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability (CVE-2024-20272)
Cisco has released a patch to address an arbitrary file upload vulnerability tracked as CVE-2024-20272. Successful exploitation of the vulnerability could allow the attacker to store malicious files on the system and execute arbitrary commands on the operating system.
Microsoft Patch Tuesday, January 2024 Security Update Review
The first edition of the Microsoft Patch Tuesday for 2024 is now live! Microsoft has released fewer security fixes than usual in this month’s update. We invite you to join us to review and discuss the details of these security updates and patches. Microsoft Patch Tuesday’s January 2024 edition addressed 53 vulnerabilities, including two critical …
Ivanti Patches Critical SQL Injection Vulnerability in Endpoint Manager (CVE-2023-39336)
A critical severity SQL injection vulnerability has been discovered in the Ivanti Endpoint Manager. Tracked as CVE-2023-39336, the vulnerability has been given a critical severity rating with a CVSS score of 9.6. Successful exploitation of the vulnerability may allow an attacker to execute arbitrary SQL queries and retrieve output without needing authentication.
Microsoft Addresses Windows AppX Installer Spoofing Vulnerability Reappeared in Exploitation (CVE-2021-43890)
Microsoft has updated its advisory for a two-year-old spoofing vulnerability in Windows AppX Installer that affects Microsoft Windows, tracked as CVE-2021-43890. The update follows reports suggesting an increase in exploitation attempts. Threat actors exploit the vulnerability using social engineering and phishing techniques to target Windows OS users and utilize the ms-appinstaller URI …
Apache OFBiz Authentication Bypass Vulnerability (CVE-2023-51467)
The SonicWall Threat research team has discovered an authentication bypass vulnerability in Apache OFBiz, a Java-based web framework. Tracked as CVE-2023-51467, the vulnerability has a critical severity rating with a CVSS score of 9.8. An attacker who exploits the vulnerability may bypass authentication to achieve a simple Server-Side Request Forgery (SSRF). A security researcher at …
SSH ProxyCommand Unexpected Code Execution Vulnerability (CVE-2023-51385)
SSH ProxyCommand is vulnerable to a code execution flaw, CVE-2023-51385, that may allow an attacker to perform shell injection on vulnerable servers.
SSH Prefix Truncation Vulnerability Used in Terrapin Attacks (CVE-2023-48795)
Academic researchers have discovered a vulnerability in the SSH cryptographic network protocol that can be used in an attack called Terrapin, a prefix truncation attack. Tracked as CVE-2023-48795, the vulnerability allows attackers to lower the security of established connections by truncating the extension negotiation message.
Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2023-7024)
Google has released a patch to address a high-severity vulnerability in the Chrome browser. Tracked as CVE-2023-7024, the vulnerability is being exploited in the wild. CVE-2023-7024 is a heap-based buffer overflow vulnerability in the open-source WebRTC framework. Many other web browsers, such as Mozilla Firefox, Safari, and Microsoft Edge, also use the WebRTC framework to …
WordPress Backup Migration Plugin Remote Code Execution Vulnerability (CVE-2023-6553)
WordPress has released security updates to address a critical severity vulnerability in the Backup Migration Plugin. Tracked as CVE-2023-6553, the vulnerability may allow unauthenticated attackers to inject arbitrary PHP code, resulting in a complete site compromise. The vulnerability has been given a CVSS score of 9.8. The Nex Team discovered the vulnerability and reported it to WordPress …