Ivanti has addressed multiple critical and high severity vulnerabilities in its security advisory. Ivanti addressed 16 vulnerabilities impacting the Ivanti Endpoint Manager (EPM). Successful exploitation of the vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code, elevation of privileges, and denial of service. Ivanti mentioned in the advisory that there is no proof of … Continue reading “Ivanti Released Updates for Ivanti Endpoint Manager (EPM)”
Tag: CISA Known Exploitable Vulnerabilities Catalog
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability Exploited in Attacks (CVE-2024-55591)
Fortinet released a security advisory to address a zero-day vulnerability tracked as CVE-2024-55591. The vulnerability has a critical severity rating with a CVSS score of 9.6. Successful exploitation of the vulnerability may allow a remote attacker to gain super-admin privileges via crafted requests to the Node.js websocket module. Fortinet mentioned in the advisory that the authentication … Continue reading “Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability Exploited in Attacks (CVE-2024-55591)”
Microsoft Patch Tuesday, January 2025 Security Update Review
Happy New Year! As the calendar turns to January 2025, Microsoft’s first Patch Tuesday of 2025 has arrived. From zero-days to critical vulnerabilities, here’s what deserves your attention. Here’s a breakdown of what’s been patched. Microsoft Patch’s Tuesday, January 2025 edition addressed 159 vulnerabilities, including 10 critical and 149 important severity vulnerabilities. In this month’s … Continue reading “Microsoft Patch Tuesday, January 2025 Security Update Review”
CISA Warns of Mitel MiCollab Vulnerabilities Active Exploitation (CVE-2024-41713 & CVE-2024-55550)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) updates its Known Exploited Vulnerabilities Catalog by adding two Mitel MiCollab vulnerabilities. Tracked as CVE-2024-41713 and CVE-2024-55550, the vulnerabilities may allow a remote unauthenticated attacker to bypass authentication and view/modify sensitive data. CVE-2024-41713 could be chained with CVE-2024-55550 to allow an unauthenticated, remote attacker to read arbitrary … Continue reading “CISA Warns of Mitel MiCollab Vulnerabilities Active Exploitation (CVE-2024-41713 & CVE-2024-55550)”
Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393)
Palo Alto released a security advisory to address an actively exploited vulnerability, tracked as CVE-2024-3393. The vulnerability impacts Palo Alto Networks software (PAN-OS). Successful exploitation of the vulnerability may lead to a Denial of Service (DoS) attack. “Palo Alto Networks is aware of customers experiencing this Denial of Service (DoS) when their firewall blocks malicious … Continue reading “Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393)”
CISA Added Cleo Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-50623 & CVE-2024-55956)
Cybersecurity & Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities Catalog with two vulnerabilities in Cleo Harmony, VLTrader, and LexiCom. Tracked as CVE-2024-50623 & CVE-2024-55956, successful exploitation of the vulnerability may lead to remote code execution. CISA urged users to patch the vulnerabilities before January 3, 2025 (CVE-2024-50623) and January 7, 2025 (CVE-2024-55956). Cleo … Continue reading “CISA Added Cleo Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-50623 & CVE-2024-55956)”
Zyxel Firewall Directory Traversal Vulnerability Exploited in Ransomware Attack (CVE-2024-11667)
Zyxel Firewall is vulnerable to a critical vulnerability being used in recent cyberattacks. Tracked as CVE-2024-11667, the flaw used to deploy the dangerous Helldown ransomware. The German CERT (CERT-Bund) has issued the details informing the severity of these attacks and the immediate steps that organizations must take to protect their network devices. CVE-2024-11667 is a … Continue reading “Zyxel Firewall Directory Traversal Vulnerability Exploited in Ransomware Attack (CVE-2024-11667)”
ProjectSend Improper Authorization Vulnerability Under Active Exploitation (CVE-2024-11680)
Attackers are exploiting a critical vulnerability in ProjectSend. Tracked as CVE-2024-11680 has a CVSS score of 9.8. Successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to modify the application’s configurations and lead to code execution. As per VulnCheck, “The project is moderately popular, with almost 1,500 GitHub stars and more than 4,000 … Continue reading “ProjectSend Improper Authorization Vulnerability Under Active Exploitation (CVE-2024-11680)”
Apple Releases Fixes for Actively Exploited Zero-day Vulnerabilities (CVE-2024-44308 & CVE-2024-44309)
Apple Safari, macOS Sequoia, iOS, and iPadOS are vulnerable to two security flaws being exploited in the wild. In the advisory, Apple mentioned that they are aware of a report that the vulnerabilities have been actively exploited on Intel-based Mac systems. Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group discovered both CVE-2024-44308 and … Continue reading “Apple Releases Fixes for Actively Exploited Zero-day Vulnerabilities (CVE-2024-44308 & CVE-2024-44309)”
CISA Added Palo Alto Networks Firewall Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-0012 & CVE-2024-9474)
CISA warns about two vulnerabilities being actively exploited, tracked as CVE-2024-0012 and CVE-2024-9474. Both vulnerabilities exist in the PAN-OS web management interface. CISA urged users to patch the vulnerabilities before December 9, 2024. Palo Alto mentioned in the advisory that they know about threat activity that exploits this vulnerability against a limited number of management … Continue reading “CISA Added Palo Alto Networks Firewall Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-0012 & CVE-2024-9474)”