Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Begin by

Knowing

which assets are at risk.

Accurate

Inventory

is a fundamental security tool.

Inventory is an important aspect of cybersecurity because it helps organizations identify and manage their technology assets, which is crucial for securing their systems and data. Inventory helps with the identification of the devices, software, or configurations that can become a security risk. By maintaining a current inventory, organizations can quickly identify any unpatched devices or outdated software that requires updating or removal.

Common Vulnerability and Exposure

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Zombie CVE?

When an older computer on your network is missing a security patch...

Due to the urgent risks they represent, KEVs are prioritized by software vendors and security organizations for patches and remediation.

Slasher CVE?

A small group of CVEs can cause a lot of damage. See which vendors have been targets...

Search Known Exploits

Vampire CVEs?

KEVs allow attackers to compromise systems and networks to conduct malicious activities like stealing data, installing ransomware, or creating botnets.

Upcoming Patch Due Dates

via Binding Operational Directive 22-01

(BOD) 22-01 is a directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) in the United States to federal agencies and federal contractors in order to improve their cybersecurity practices. It provides a set of guidelines and requirements that these agencies and contractors must follow to increase their defenses against cyber threats.

PTZOptics

PT30X-SDI/NDI Cameras

Patch deadline: in 18 days on 11/25/2024

CVE-2024-8956

PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root.

PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

PTZOptics

PT30X-SDI/NDI Cameras

Patch deadline: in 18 days on 11/25/2024

CVE-2024-8957

PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the /cgi-bin/param.cgi CGI script.

PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability

Cisco

Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Patch deadline: in 7 days on 11/14/2024

CVE-2024-20481

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

Cisco ASA and FTD Denial-of-Service Vulnerability

Roundcube

Webmail

Patch deadline: in 7 days on 11/14/2024

CVE-2024-37383

RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.

RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability

Fortinet

FortiManager

Patch deadline: in 6 days on Wednesday at 12:00 AM

CVE-2024-47575

Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

Fortinet FortiManager Missing Authentication Vulnerability

Microsoft

SharePoint

Patch deadline: in 5 days on Tuesday at 12:00 AM

CVE-2024-38094

Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.

Microsoft SharePoint Deserialization Vulnerability

CVE = Common Vulnerability and Exposure

CVE OF THE WEEK:

D-Link

DIR-600 Router

Patch deadline: 5 months ago on 06/06/2024

CVE-2014-100005

D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.

D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability

Learn more about this CVE: thehackernews.com

Cyber Security News

You may have missed...

Cyber_Comply

Known Exploited Vulnerabilities and counting....

Begin by

Knowing

which assets are at risk.

Accurate

Inventory

is a fundamental security tool.

Common Vulnerability and Exposure

Zombie CVE?

Slasher CVE?

Search Known Exploits

Vampire CVEs?

Upcoming Patch Due Dates

PTZOptics

PT30X-SDI/NDI Cameras

Patch deadline: in 18 days on 11/25/2024

PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root.

PTZOptics

PT30X-SDI/NDI Cameras

Patch deadline: in 18 days on 11/25/2024

PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the /cgi-bin/param.cgi CGI script.

Cisco

Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Patch deadline: in 7 days on 11/14/2024

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

Roundcube

Webmail

Patch deadline: in 7 days on 11/14/2024

RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.

Fortinet

FortiManager

Patch deadline: in 6 days on Wednesday at 12:00 AM

Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

Microsoft

SharePoint

Patch deadline: in 5 days on Tuesday at 12:00 AM

Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.

CVE = Common Vulnerability and Exposure

CVE OF THE WEEK:

D-Link

DIR-600 Router

Patch deadline: 5 months ago on 06/06/2024

D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.

Learn more about this CVE: thehackernews.com

Cyber Security News

AT&T Hacker Arrested: How the Cybersecurity Landscape Evolved Post-SnowflakeBreach

Hackers Increasingly Use Winos4.0 Post-Exploitation Kit in Attacks - BleepingComputer

Okta's Amy Johanek on the Cybersecurity Benefits of Cloud Services | CyberScoop

Okta's Christine Halverson Talks Different Types of Cybersecurity Attacks |CyberScoop

TOP SITES

CISO

Security

NIST

Cyber_Comply © 2021-23