Tag: rce
-
Threat Actors Exploit a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti’s commitment to secure-by-design principles, threat actors, possibly the same ones as before, are exploiting its edge devices for the nth time. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/critical-ivanti-rce-bug
-
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE).The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could then…
-
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
Tags: advisory, apt, attack, authentication, cve, cvss, cybersecurity, data-breach, exploit, flaw, google, government, group, intelligence, Internet, ivanti, law, mandiant, microsoft, network, rce, remote-code-execution, risk, software, threat, tool, vpn, vulnerability, zero-dayIT software provider Ivanti released patches Wednesday for its Connect Secure SSL VPN appliances to address two memory corruption vulnerabilities, one of which has already been exploited in the wild as a zero-day to compromise devices.The exploited vulnerability, tracked as CVE-2025-0282, is a stack-based buffer overflow rated as critical with a CVSS score of 9.0.…
-
DNA sequencer vulnerabilities signal firmware issues across medical device industry
Tags: access, advisory, attack, best-practice, computer, computing, control, credentials, data, exploit, firmware, flaw, Hardware, iot, leak, malicious, malware, mitigation, privacy, rce, remote-code-execution, risk, side-channel, software, supply-chain, update, vulnerability, windowsIn highlighting vulnerabilities in a widely used DNA gene sequencing device, security researchers have brought further attention to the likely poor state of security in the medical device industry, where hardware and firmware development is often outsourced to external equipment manufacturers under questionable support contracts.The device, Illumina’s iSeq 100 compact DNA sequencer, is used by…
-
Mitel 0-day, 5-year-old Oracle RCE bug under active exploit
3 CVEs added to CISA’s catalog First seen on theregister.com Jump to article: www.theregister.com/2025/01/08/mitel_0_day_oracle_rce_under_exploit/
-
Netis routers vulnerable to chained authentication bypass, RCE flaws
First seen on scworld.com Jump to article: www.scworld.com/news/netis-routers-vulnerable-to-chained-authentication-bypass-rce-flaws
-
Moxa patches two flaws in its OT devices, one a critical RCE
First seen on scworld.com Jump to article: www.scworld.com/news/moxa-patches-two-flaws-in-its-ot-devices-one-a-critical-rce
-
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-dayGenerative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
-
Android Security Updates: Patch for Critical RCE Vulnerabilities
The January 2025 Android Security Bulletin has issued important updates regarding critical vulnerabilities that affect Android devices. Users are urged to ensure their devices are updated to the latest security patch level, which as per the bulletin, should be 2025-01-05 or later to mitigate potential risks. Overview of Vulnerabilities The bulletin highlights a series of…
-
Critical Windows LDAP flaw could lead to crashed servers, RCE attacks
Researchers have published a proof-of-concept exploit for a pair of Windows Lightweight Directory Access Protocol (LDAP) flaws that could lead to server crashes or remote code execution (RCE) on Windows servers.”Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational computer networks,” noted researchers at security firm SafeBreach, who…
-
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
Tags: apache, cve, cvss, flaw, framework, network, rce, remote-code-execution, software, vulnerabilityThe Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions.Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X.”The ObjectSerializationDecoder in Apache MINA uses Java’s First…
-
Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions of systems to potential remote code execution (RCE) and privilege escalation attacks. The vulnerability, assigned CVE-2024-56334, highlights the importance of secure coding practices when dealing with untrusted user input. The vulnerability resides in the getWindowsIEEE8021x function of the systeminformation package, specifically affecting versions ≤5.23.6. The issue…
-
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks
Tags: apache, attack, cve, flaw, mitigation, rce, remote-code-execution, software, update, vulnerabilityThe Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under certain conditions.The vulnerability, tracked as CVE-2024-56337, has been described as an incomplete mitigation for CVE-2024-50379 (CVSS score: 9.8), another critical security flaw in the same product…
-
DigiEver IoT Devices Exploited To Deliver Mirai-based Malware
A new Mirai-based botnet, >>Hail Cock Botnet,
-
Fortinet Addresses Unpatched Critical RCE Vector
Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-addresses-unpatched-critical-rce-vector
-
1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely
GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities, which affecting versions 9.2.5 through 9.4.5, could potentially allow attackers to inject malicious code into web pages, leading to cross-site scripting (XSS) attacks and other security compromises. The vulnerabilities, tracked as CVE-2024-52875 and KIS-2024-07, highlight the…
-
Critical security hole in Apache Struts under exploit
You applied the patch that could stop possible RCE attacks last week, right? First seen on theregister.com Jump to article: www.theregister.com/2024/12/17/critical_rce_apache_struts/
-
DEF CON 32 Iconv, Set The Charset To RCE Exploiting glibc To Hack The PHP Engine
Author/Presenter: Charles Fox Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/def-con-32-iconv-set-the-charset-to-rce-exploiting-glibc-to-hack-the-php-engine/
-
Apache issues patches for critical Struts 2 RCE bug
More details released after devs allowed weeks to apply fixes First seen on theregister.com Jump to article: www.theregister.com/2024/12/12/apache_struts_2_vuln/
-
Splunk RCE Vulnerability Let Attackers Execute Remote Code
Splunk, the data analysis and monitoring platform, is grappling with a Remote Code Execution (RCE) vulnerability. This flaw, identified as CVE-2024-53247, affects several versions of Splunk Enterprise and the Splunk Secure Gateway app on the Splunk Cloud Platform. The vulnerability is rated with a CVSSv3.1 score of 8.8, indicating a high severity level that poses…
-
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
Tags: advisory, attack, cve, edr, exploit, firewall, flaw, group, Internet, malicious, mitigation, moveIT, powershell, ransomware, rce, remote-code-execution, software, tool, update, vulnerability, vulnerability-management, windows, zero-daySecurity researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications.The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…
-
New Cleo zero-day RCE flaw exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cleo-zero-day-rce-flaw-exploited-in-data-theft-attacks/
-
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/04/poc-exploit-cve-2024-8785-whatsup-gold/
-
Progress WhatsUp Gold RCE Vulnerability PoC Exploit Released
A registry overwrite remote code execution (RCE) vulnerability has been identified in NmAPI.exe, part of the WhatsUp Gold network monitoring software. This vulnerability, present in versions before 24.0.1, allows an unauthenticated remote attacker to execute arbitrary code on affected systems, posing significant security risks. Vulnerability Details The vulnerability lies within NmAPI.exe, a Windows Communication Foundation…
-
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances.The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing.”From the…
-
Exploit released for critical WhatsUp Gold RCE flaw, patch now
A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploit-released-for-critical-whatsup-gold-rce-flaw-patch-now/
-
Veeam warns of critical RCE bug in Service Provider Console
Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-bug-in-service-provider-console/