Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (CVE-2022-30190)

Security researchers have discovered a new zero-day vulnerability in Microsoft Office, via Microsoft Support Diagnostic Tool (MSDT), that could be exploited to achieve code execution on affected systems simply by opening a malicious Word document.     The vulnerability, tracked as CVE-2022-30190, was discovered by a Japanese security researcher nao_sec, who tweeted a warning about the … Continue reading “Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (CVE-2022-30190)”

Microsoft Releases Patch for the Third-party ODBC Driver Remote Code Execution Vulnerability (CVE-2022-29972)

Microsoft has released a patch addressing a flaw in the Azure Data Factory and Azure Synapse pipelines (tracked as CVE-2022-29972). The flaw affects the third-party Open Database Connectivity (ODBC) driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime (IR) and did not impact Azure Synapse as a … Continue reading “Microsoft Releases Patch for the Third-party ODBC Driver Remote Code Execution Vulnerability (CVE-2022-29972)”

F5 BIG-IP iControl REST Remote Code Execution Vulnerability (CVE-2022-1388)

A critical Remote Code Execution vulnerability has been reported in the F5 BIG-IP iControl REST API. The vulnerability is being tracked as CVE-2022-1388. A proof of concept for the vulnerability is available and is being actively exploited by threat actors. Security researchers are advising F5 BIG-IP administrators to immediately install the latest security patch.    … Continue reading “F5 BIG-IP iControl REST Remote Code Execution Vulnerability (CVE-2022-1388)”

WSO2 Unrestricted Arbitrary File Upload and Remote Code Execution Vulnerability (CVE-2022-29464)

An unauthenticated arbitrary file upload vulnerability that allows unauthenticated attackers to execute arbitrary code remotely on multiple WSO2 products has been reported. The vulnerability was reported by a researcher called Orange Tsai and is being tracked as CVE-2022-29464 (WSO2-2021-1738).     WSO2 is an open-source software provider that offers an enterprise platform for integrating application programming interfaces (APIs), applications, … Continue reading “WSO2 Unrestricted Arbitrary File Upload and Remote Code Execution Vulnerability (CVE-2022-29464)”

Nginx Zero-Day Remote Code Execution Vulnerability

A new zero-day vulnerability has been discovered in the Nginx LDAP-auth daemon implementation, which allows remote code execution on a vulnerable system.    Nginx is an open-source HTTP and reverses proxy server, a mail proxy server, and a generic TCP/UDP proxy server. Large numbers of servers use Nginx as a load balancer.     The … Continue reading “Nginx Zero-Day Remote Code Execution Vulnerability”

Zoho ManageEngine ADAudit Plus Unauthenticated Remote Code Execution Vulnerability (CVE-2022-28219)

ManageEngine ADAudit Plus is a security, auditing, and compliance solution for Windows. For Active Directory, Azure AD, file servers, Windows servers, and workstations, key features include thorough login auditing, detailed change tracking, real-time risk alerting, and automated compliance reporting.    Endpoints in ManageEngine ADAudit Plus are vulnerable and can allow an unauthenticated attacker to take … Continue reading “Zoho ManageEngine ADAudit Plus Unauthenticated Remote Code Execution Vulnerability (CVE-2022-28219)”

Spring Cloud Function Remote Code Execution Vulnerability (Spring4Shell) (CVE-2022-22963)

Spring Cloud is an open-source microservices framework that consists of a set of ready-to-use components for developing different business applications. It’s extensively used across industries by a variety of businesses, and it comes pre-integrated with components from a variety of app providers.    A high-severity remote code execution vulnerability (CVE-2022-22963) has been discovered in Spring Cloud … Continue reading “Spring Cloud Function Remote Code Execution Vulnerability (Spring4Shell) (CVE-2022-22963)”

Spring Framework Zero-Day Remote Code Execution (Spring4Shell) Vulnerability

Update: On March 31, Spring provided official confirmation and CVE-2022-22965 is now assigned to this vulnerability. Qualys Research Team has released QIDs as of March 30 and will keep updating those QIDs as new information is available. On March 30, a new zero-day Remote Code Execution (RCE) vulnerability, “Spring4Shell” or “SpringShell” was disclosed in the Spring framework. An … Continue reading “Spring Framework Zero-Day Remote Code Execution (Spring4Shell) Vulnerability”

Sophos Firewall Remote Code Execution Vulnerability (CVE-2022-1040)

Sophos has released an update to address a critical authentication bypass vulnerability (CVE-2022-1040) in Sophos Firewall. Successful exploitation of this vulnerability can lead to remote code execution. The vulnerability exists in the User Portal and Webadmin of Sophos Firewall.    A remote attacker who gains access to the Firewall’s User Portal or the Webadmin interface … Continue reading “Sophos Firewall Remote Code Execution Vulnerability (CVE-2022-1040)”

Microsoft Patches 92 Vulnerabilities in March 2022 Patch Tuesday including 3 Zero-days

Microsoft has released security fixes for several vulnerabilities including patches for zero-day vulnerabilities in its March 2022 Patch Tuesday. Microsoft addresses 92 vulnerabilities in their March 2022 Patch Tuesday release. Out of these 92 vulnerabilities, three (3) are rated as critical. The release also includes fixes for three (3) publicly disclosed zero-day vulnerabilities. As of … Continue reading “Microsoft Patches 92 Vulnerabilities in March 2022 Patch Tuesday including 3 Zero-days”