Found 2 bookmarks
Newest
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Welcome to April 2024, again. We’re back, again. Over the weekend, we were all greeted by now-familiar news—a nation-state was exploiting a “sophisticated” vulnerability for full compromise in yet another enterprise-grade SSLVPN device. We’ve seen all the commentary around the certification process of these devices for certain .GOVs - we’re not here to comment on that, but sounds humorous.
#watchtowr#EN#2024#CVE-2024-3400#SSLVPN#Paloalto#GlobalProtect#analysis
·labs.watchtowr.com·
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887
Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887
Did you have a good break? Have you had a chance to breathe? Wake up. It’s 2024, and the chaos continues - thanks to Volexity (Volexity’s writeup), the industry has been alerted to in-the-wild exploitation of 2 incredibly serious 0days (CVE-2023-46805 and CVE-2024-21887 - two bugs, Command Injection
#watchtowr.com#EN#2024#CVE-2024-21887#CVE-2023-46805#SSLVPN#Ivanti
·labs.watchtowr.com·
Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887