Cyber_Comply


Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Begin by

Knowing

which assets are at risk.
Woman Looking at Computer Screen
Man in scary mask
Accurate

Inventory

is a fundamental security tool.

Inventory is an important aspect of cybersecurity because it helps organizations identify and manage their technology assets, which is crucial for securing their systems and data. Inventory helps with the identification of the devices, software, or configurations that can become a security risk. By maintaining a current inventory, organizations can quickly identify any unpatched devices or outdated software that requires updating or removal.

CVE Horror Poster

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Zombie hands

Zombie CVE?

When an older computer on your network is missing a security patch...

Due to the urgent risks they represent, KEVs are prioritized by software vendors and security organizations for patches and remediation.

Man in scary mask

Slasher CVE?

A small group of CVEs can cause a lot of damage. See which vendors have been targets...

Search Known Exploits
Man in scary mask

Vampire CVEs?

KEVs allow attackers to compromise systems and networks to conduct malicious activities like stealing data, installing ransomware, or creating botnets.


Upcoming Patch Due Dates

via Binding Operational Directive 22-01

(BOD) 22-01 is a directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) in the United States to federal agencies and federal contractors in order to improve their cybersecurity practices. It provides a set of guidelines and requirements that these agencies and contractors must follow to increase their defenses against cyber threats.

Veeam

Backup & Replication
Patch deadline: in 20 days on 11/07/2024

CVE-2024-40711

Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution.

Veeam Backup and Replication Deserialization Vulnerability

SolarWinds

Web Help Desk
Patch deadline: in 18 days on 11/05/2024

CVE-2024-28987

SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.

Read More:

SolarWinds Web Help Desk Hardcoded Credential Vulnerability

Microsoft

Windows
Patch deadline: in 18 days on 11/05/2024

CVE-2024-30088

Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.

Microsoft Windows Kernel TOCTOU Race Condition Vulnerability

Mozilla

Firefox
Patch deadline: in 18 days on 11/05/2024

CVE-2024-9680

Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.

Mozilla Firefox Use-After-Free Vulnerability

Fortinet

Multiple Products
Patch deadline: in 12 days on 10/30/2024

CVE-2024-23113

Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

Read More:

Fortinet Multiple Products Format String Vulnerability

Ivanti

Cloud Services Appliance (CSA)
Patch deadline: in 12 days on 10/30/2024

CVE-2024-9379

Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.

Read More:

Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability

Zombie hands

CVE = Common Vulnerability and Exposure

CVE OF THE WEEK:

D-Link

DIR-600 Router
Patch deadline: 4 months ago on 06/06/2024

CVE-2014-100005

D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.

D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability

Learn more about this CVE: thehackernews.com


Cyber Security News

You may have missed...

Zombie hands