Cyber_Comply


Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Begin by knowing which assets are at risk.

Accurate inventory is a fundamental security tool.

Inventory is an important aspect of cybersecurity because it helps organizations identify and manage their technology assets, which is crucial for securing their systems and data. Inventory helps with the identification of the devices, software, or configurations that can become a security risk. By maintaining a current inventory, organizations can quickly identify any unpatched devices or outdated software that requires updating or removal.

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Zombie CVE?

When an older computer on your network is missing a security patch...

Due to the urgent risks they represent, KEVs are prioritized by software vendors and security organizations for patches and remediation.

Slasher CVE?

A small group of CVEs can cause a lot of damage. See which vendors have been targets...


Vampire CVEs?

KEVs allow attackers to compromise systems and networks to conduct malicious activities like stealing data, installing ransomware, or creating botnets.


Upcoming Patch Due Dates

via Binding Operational Directive 22-01

Binding Operational Directive (BOD) 22-01 is a directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) in the United States to federal agencies and federal contractors in order to improve their cybersecurity practices. It provides a set of guidelines and requirements that these agencies and contractors must follow to increase their defenses against cyber threats.

Oracle

WebLogic Server
Patch deadline: in 19 days on 01/28/2025

CVE-2020-2883

Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP or T3.

Read More:

Oracle WebLogic Server Unspecified Vulnerability

Mitel

MiCollab
Patch deadline: in 19 days on 01/28/2025

CVE-2024-41713

Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenticated access. This vulnerability can be chained with CVE-2024-55550, which allows an unauthenticated, remote attacker to read arbitrary files on the server.

Read More:

Mitel MiCollab Path Traversal Vulnerability

Mitel

MiCollab
Patch deadline: in 19 days on 01/28/2025

CVE-2024-55550

Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be chained with CVE-2024-41713, which allows an unauthenticated, remote attacker to read arbitrary files on the server.

Read More:

Mitel MiCollab Path Traversal Vulnerability

Palo Alto Networks

PAN-OS
Patch deadline: in 11 days on 01/20/2025

CVE-2024-3393

Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Read More:

Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability

Acclaim Systems

USAHERDS
Patch deadline: in 4 days on Monday at 12:00 AM

CVE-2021-44207

Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel.

Read More:

Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability

BeyondTrust

Privileged Remote Access (PRA) and Remote Support (RS)
Patch deadline: 13 days ago on 12/27/2024

CVE-2024-12356

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user.

Read More:

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability

CVE = Common Vulnerability and Exposure

CVE OF THE WEEK:

Palo Alto Networks

PAN-OS
Patch deadline: in 11 days on 01/20/2025

CVE-2024-3393

Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability

Learn more about this CVE: paloaltonetworks.com

