Found 16 bookmarks
Custom sorting
Veeam warns of critical RCE bug in Service Provider Console
Veeam warns of critical RCE bug in Service Provider Console
​Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. VSPC, described by the company as a remote-managed BaaS (Backend as a Service) and DRaaS (Disaster Recovery as a Service) platform, is used by service providers to monitor the health and security of customer backups, as well as manage their Veeam-protected virtual, Microsoft 365, and public cloud workloads.
#bleepingcomputer#EN#2024#RCE#bug#DRaaS#VSPC#Veeam
·bleepingcomputer.com·
Veeam warns of critical RCE bug in Service Provider Console
Veeam warns of critical RCE flaw in Backup & Replication software
Veeam warns of critical RCE flaw in Backup & Replication software
Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.
#bleepingcomputer#EN#2024#RCE#Remote-Code-Execution#Veeam#Veeam-Backup-&-Replication#Veeam-ONE#Vulnerability
·bleepingcomputer.com·
Veeam warns of critical RCE flaw in Backup & Replication software
Critical Cisco bug lets hackers add root users on SEG devices
Critical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness that allows replacing any file on the underlying operating system.
#bleepingcomputer#EN#2024#Code#InfoSec#Execution#Path#Gateway#Denial#DoS#Remote#Cisco#RCE#CVE-2024-20401#SEG
·bleepingcomputer.com·
Critical Cisco bug lets hackers add root users on SEG devices
Exploit released for Fortinet RCE bug used in attacks, patch now
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
#bleepingcomputer#EN#2024#Actively-Exploited#Exploit#Fortinet#PoC#Proof-of-Concept#RCE#Remote-Code-Execution#SQL-Injection#CVE-2023-48788
·bleepingcomputer.com·
Exploit released for Fortinet RCE bug used in attacks, patch now
Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code.
#bleepingcomputer#EN#2023#Actively-Exploited#Apache-Struts#PoC#Proof-of-Concept#RCE#Remote-Code-Execution#CVE-2023-50164
·bleepingcomputer.com·
Hackers are exploiting critical Apache Struts flaw using public PoC