Found 88 bookmarks
Custom sorting
What We Know About CVE-2024-49112 and CVE-2024-49113
What We Know About CVE-2024-49112 and CVE-2024-49113
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score.
#trendmicro#EN#2024#CVE-2024-49112#CVE-2024-49113#LDAPNightmare#Microsoft#LDAP#RCE
·trendmicro.com·
What We Know About CVE-2024-49112 and CVE-2024-49113
Veeam warns of critical RCE bug in Service Provider Console
Veeam warns of critical RCE bug in Service Provider Console
​Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. VSPC, described by the company as a remote-managed BaaS (Backend as a Service) and DRaaS (Disaster Recovery as a Service) platform, is used by service providers to monitor the health and security of customer backups, as well as manage their Veeam-protected virtual, Microsoft 365, and public cloud workloads.
#bleepingcomputer#EN#2024#RCE#bug#DRaaS#VSPC#Veeam
·bleepingcomputer.com·
Veeam warns of critical RCE bug in Service Provider Console
Veeam warns of critical RCE flaw in Backup & Replication software
Veeam warns of critical RCE flaw in Backup & Replication software
Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.
#bleepingcomputer#EN#2024#RCE#Remote-Code-Execution#Veeam#Veeam-Backup-&-Replication#Veeam-ONE#Vulnerability
·bleepingcomputer.com·
Veeam warns of critical RCE flaw in Backup & Replication software
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.
#microsoft#EN#2024#OpenVPN#vulnerabilities#discovered#RCE#CVE-2024-27459#CVE-2024-27903
·microsoft.com·
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog
Critical Cisco bug lets hackers add root users on SEG devices
Critical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness that allows replacing any file on the underlying operating system.
#bleepingcomputer#EN#2024#Code#InfoSec#Execution#Path#Gateway#Denial#DoS#Remote#Cisco#RCE#CVE-2024-20401#SEG
·bleepingcomputer.com·
Critical Cisco bug lets hackers add root users on SEG devices
CVE-2024-29510 - Exploiting Ghostscript using format strings
CVE-2024-29510 - Exploiting Ghostscript using format strings
A format string vulnerability in Ghostscript ≤ 10.03.0 which enables attackers to gain Remote Code Execution (#RCE) while also bypassing sandbox protections. CVE-2024-29510 has significant impact on web-applications and other services offering document conversion and preview functionalities as these often use Ghostscript under the hood. We recommend verifying whether your solution (indirectly) makes use of Ghostscript and if so, update it to the latest version!
#codeanlabs#EN#2024#CVE-2024-29510#Ghostscript#RCE
·codeanlabs.com·
CVE-2024-29510 - Exploiting Ghostscript using format strings
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)
On April 10, 2024, Volexity identified zero-day exploitation of a vulnerability found within the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring (NSM) customers. Volexity received alerts regarding suspect network traffic emanating from the customer’s firewall. A subsequent investigation determined the device had been compromised. The following day, April 11, 2024, Volexity observed further, identical exploitation at another one of its NSM customers by the same threat actor.
#volexity#EN#2024#Zero-Day#Exploitation#RCE#GlobalProtect#CVE-2024-3400
·volexity.com·
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)
Exploit released for Fortinet RCE bug used in attacks, patch now
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
#bleepingcomputer#EN#2024#Actively-Exploited#Exploit#Fortinet#PoC#Proof-of-Concept#RCE#Remote-Code-Execution#SQL-Injection#CVE-2023-48788
·bleepingcomputer.com·
Exploit released for Fortinet RCE bug used in attacks, patch now
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited in the wild. In this post we detail the steps we took to identify the patched vulnerability and produce a working exploit.
#assetnote#EN#2024#exploitation#patch-diff#FortiGate#RCE#CVE-2024-21762
·assetnote.io·
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Zyxel VPN Series Pre-auth Remote Command Execution
Zyxel VPN Series Pre-auth Remote Command Execution
Summary Chaining of three vulnerabilities allows unauthenticated attackers to execute arbitrary command with root privileges on Zyxel VPN firewall (VPN50, VPN100, VPN300, VPN500, VPN1000). Due to recent attack surface changes in Zyxel, the chain described below broke and become unusable – we have decided to disclose this even though it is no longer exploitable. Credit … SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution Read More »
#ssd-disclosure#EN#2024#Advisory#Zyxel#VPN#Series#Pre-auth#RCE
·ssd-disclosure.com·
Zyxel VPN Series Pre-auth Remote Command Execution
CVE-2024-21591 - Juniper J-Web OOB Write vulnerability
CVE-2024-21591 - Juniper J-Web OOB Write vulnerability
  • Juniper Networks recently patched a critical pre-authentication Remote Code Execution (RCE) vulnerability in the J-Web configuration interface across all versions of Junos OS on SRX firewalls and EX switches. Unauthenticated actors could exploit this vulnerability to gain root access or initiate Denial of Service (DoS) attacks on devices that have not been patched. Ensure your systems are updated promptly to mitigate this risk. Check for exposed J-Web configuration interfaces using this Censys Search query: services.software.uniform_resource_identifier: cpe:2.3:a:juniper:jweb:*:*:*:*:*:*:*:*. * As emphasized last year in CISA’s BOD 23-02 guidance, exposed network management interfaces continue to pose a significant risk. Restrict access to these interfaces from the public internet wherever possible.
#censys#EN#2024#CVE-2024-21591#Juniper#J-Web#OOB#vulnerability#RCE#exposed
·censys.com·
CVE-2024-21591 - Juniper J-Web OOB Write vulnerability