Known Exploited Vulnerabilities and counting....
A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.
Begin by
Knowing
which assets are at risk.
Accurate
Inventory
is a fundamental security tool.
Inventory is an important aspect of cybersecurity because it helps organizations identify and manage their technology assets, which is crucial for securing their systems and data. Inventory helps with the identification of the devices, software, or configurations that can become a security risk. By maintaining a current inventory, organizations can quickly identify any unpatched devices or outdated software that requires updating or removal.
Common Vulnerability and Exposure
CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.
Zombie CVE?
When an older computer on your network is missing a security patch...
Due to the urgent risks they represent, KEVs are prioritized by software vendors and security organizations for patches and remediation.
Slasher CVE?
A small group of CVEs can cause a lot of damage. See which vendors have been targets...
Search Known Exploits
Vampire CVEs?
KEVs allow attackers to compromise systems and networks to conduct malicious activities like stealing data, installing ransomware, or creating botnets.
Upcoming Patch Due Dates
via Binding Operational Directive 22-01
(BOD) 22-01 is a directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) in the United States to federal agencies and federal contractors in order to improve their cybersecurity practices. It provides a set of guidelines and requirements that these agencies and contractors must follow to increase their defenses against cyber threats.
NextGen Healthcare
Mirth Connect
Patch deadline: in 20 days on 06/10/2024
CVE-2023-43208
NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.
NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability
Chromium V8
Patch deadline: in 20 days on 06/10/2024
CVE-2024-4947
Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page.
Google Chromium V8 Type Confusion Vulnerability
D-Link
DIR-600 Router
Patch deadline: in 16 days on 06/06/2024
CVE-2014-100005
D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.
D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability
D-Link
DIR-605 Router
Patch deadline: in 16 days on 06/06/2024
CVE-2021-40655
D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and password by forging a post request to the /getcfg.php page.
D-Link DIR-605 Router Information Disclosure Vulnerability
Chromium Visuals
Patch deadline: in 16 days on 06/06/2024
CVE-2024-4761
Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Google Chromium V8 Out-of-Bounds Memory Write Vulnerability
Microsoft
Windows
Patch deadline: in 14 days on 06/04/2024
CVE-2024-30040
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.
Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE = Common Vulnerability and Exposure
CVE OF THE WEEK:
Ivanti
NEndpoint Manager Mobile (EPMM) and MobileIron Core
Patch deadline: 3 months ago on 02/08/2024
CVE-2023-35082
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability
Learn more about this CVE: forums.ivanti.com
Cyber Security News
You may have missed...