Snapshot
Sept. 23, 2023 - Sept. 29, 2023
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2018-14667 | Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData. | CRITICAL | Red Hat | Sept. 28, 2023 |
CVE-2023-41993 | Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that can allow an attacker to execute code when processing web content. | CRITICAL | Apple | Sept. 25, 2023 |
CVE-2023-41992 | Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation. | HIGH | Apple | Sept. 25, 2023 |
CVE-2023-41991 | Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation. | MEDIUM | Apple | Sept. 25, 2023 |
Newswires

Millions of Exim Mail Servers Vulnerable to Zero-Day RCE Attacks Due to Critical Flaw
A serious zero-day vulnerability has been identified in all versions of the Exim mail transfer agent (MTA) software, which could allow unauthorized individuals to execute remote code on servers that are exposed to the internet.
Sept. 29, 2023

Israeli Spyware Vendor Intellexa Exploits Rare iOS and Chrome Zero-Days to Target Egyptian Entities
Intellexa, an Israeli espionage software vendor, reportedly used three zero-day vulnerabilities in Apple's iOS and one in Google Chrome to craft an exploit chain targeting Egyptian organizations.
Sept. 29, 2023

Exploit for Critical Microsoft SharePoint Server Vulnerability Released
GitHub has become the host for a proof-of-concept exploit code for a severe authentication bypass vulnerability in Microsoft SharePoint Server.
Sept. 29, 2023

CISA Highlights Exploitation of Legacy JBoss RichFaces Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA), the main cybersecurity agency in the U.S., has issued a warning about a legacy vulnerability in JBoss RichFaces that is currently being exploited in attacks.
Sept. 29, 2023

Over 2,000 Entities Hit by Cl0p Ransomware Group Exploiting MOVEit Vulnerability
The Cl0p ransomware group has exploited a vulnerability in the MOVEit file transfer solution, impacting more than 2,000 organizations and over 60 million individuals, according to data released by cybersecurity firm Emsisoft.
Sept. 29, 2023

Progress Software Issues Critical Alert for WS_FTP Server Vulnerability
Progress Software, the company behind the MOVEit Transfer file-sharing platform, has issued a warning to its customers about a severe vulnerability in its WS_FTP Server software.
Sept. 28, 2023

New Zero-Day Vulnerability in Cisco IOS Poses Double Threat
A newly discovered zero-day vulnerability in Cisco's operating systems, CVE-2023-20109, could potentially allow cybercriminals to gain full control over affected devices, execute any code, and instigate denial of service (DoS) conditions.
Sept. 28, 2023

Cisco Calls on Administrators to Address Zero-Day IOS Software Vulnerability
Cisco issued a warning to its customers on Wednesday about a zero-day vulnerability in its IOS and IOS XE software that has been targeted by attackers.
Sept. 28, 2023

Google Addresses Fifth Actively Exploited Chrome Zero-Day of 2023
Google has issued an urgent security patch for the fifth Chrome zero-day vulnerability that has been actively exploited in attacks since the beginning of 2023.
Sept. 27, 2023

Newly Unveiled RCE Exploit Chain Targets SharePoint Server
Details of an exploit chain that combines two critical vulnerabilities in Microsoft SharePoint Server have been disclosed by researchers.
Sept. 27, 2023

Apple's macOS 14 Sonoma Addresses Over 60 Security Issues
Apple has officially released macOS 14 Sonoma, which includes patches for more than 60 security vulnerabilities.
Sept. 27, 2023

Sony Probes Alleged Cyberattack Amidst Dueling Hacker Claims
Sony is looking into claims of a cyberattack this week as two separate hacker groups have claimed responsibility for the alleged hack.
Sept. 26, 2023

Google Reclassifies libwebp Bug Exploited in Attacks
Google has reclassified a previously identified security vulnerability in its Chrome browser, now assigning a new CVE ID (CVE-2023-5129) to the flaw in the open-source libwebp library.
Sept. 26, 2023

Luxury Hotels Under Cyber Attack: A Sophisticated Phishing Campaign Unveiled
The hospitality industry continues to face cyber threats, with luxury hotels becoming the latest target.
Sept. 26, 2023

Clop Ransomware Attack on BORN Ontario Child Registry Impacts 3.4 Million Individuals
The Better Outcomes Registry & Network (BORN), a perinatal and child registry funded by the Ontario government, has fallen victim to a hacking spree by the Clop ransomware.
Sept. 25, 2023

Critical Vulnerability in TeamCity CI/CD Server Could Lead to Remote Server Takeover
A severe security flaw has been identified in the TeamCity CI/CD server, a build management and continuous integration platform developed by JetBrains.
Sept. 25, 2023

National Student Clearinghouse Data Breach Affects 900 US Schools
The National Student Clearinghouse (NSC), a nonprofit organization in the U.S. that provides educational verification and reporting services to schools, employers, and other organizations, has revealed a data breach that affected around 900 U.S. schools using its services.
Sept. 24, 2023

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2023-41993 (8) | The issue was addressed with improved checks. | CRITICAL | Apple | CISA Known Exploited |
CVE-2023-34362 (8) | In Progress MOVEit Transfer before 2021.0.6, 2021.1.4, 2022.0.4, 2022.1.5, and 2023.0.1, a SQL injection vulnerability h... | CRITICAL | Progress | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
CVE-2023-4863 (12) | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perfo... | HIGH | Debian, Google, Mozilla, Fedoraproject | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-5217 (10) | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote at... | HIGH | Mozilla, Google, Webmproject | Actively Exploited, Remote Code Execution |
CVE-2023-5129 (10) | ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | HIGH | | Risk Context N/A |
CVE-2023-40044 (6) | In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulne... | HIGH | | Risk Context N/A |
CVE-2023-41992 (7) | The issue was addressed with improved checks. | HIGH | Apple | CISA Known Exploited, Actively Exploited |
CVE-2023-41064 (6) | A buffer overflow issue was addressed with improved memory handling. | HIGH | Apple | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-20109 (6) | A vulnerability in the Cisco Group Encrypted Transport VPN feature of Cisco IOS Software and Cisco IOS XE Software could all... | MEDIUM | | Actively Exploited, Remote Code Execution |
CVE-2023-41991 (6) | A certificate validation issue was addressed. | MEDIUM | Apple | CISA Known Exploited |

CISA Known Exploited Vulnerabilities
CISA added four vulnerabilities to the known exploited vulnerabilities list.
Red Hat — JBoss RichFaces Framework
CVE-2018-14667 / Added: Sept. 28, 2023
CRITICAL | CVSS 9.80 | EPSS Score 87.23 | EPSS Percentile 98.24
Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-41993
CRITICAL | CVSS 9.80 | EPSS Score 0.09 | EPSS Percentile 36.41
CISA Known Exploited
Published: Sept. 21, 2023
The issue was addressed with improved checks. This issue is fixed in Safari 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Vendor Impacted: Apple
Products Impacted: Multiple Products, Safari, Iphone Os, Ipad Os
CVE-2023-34362
CRITICAL | CVSS 9.80 | EPSS Score 92.01 | EPSS Percentile 98.59
CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: June 2, 2023
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
Vendor Impacted: Progress
Products Impacted: Moveit Transfer, Moveit Cloud
CVE-2023-4863
HIGH | CVSS 8.80 | EPSS Score 38.99 | EPSS Percentile 96.78
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Sept. 12, 2023
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Vendors Impacted: Debian, Google, Mozilla, Fedoraproject
Products Impacted: Debian Linux, Fedora, Firefox Esr, Thunderbird, Chromium Webp, Firefox
CVE-2023-5217
HIGH | CVSS 8.80 | EPSS Score 0.15 | EPSS Percentile 51.06
Actively Exploited, Remote Code Execution
Published: Sept. 28, 2023
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Vendors Impacted: Mozilla, Google, Webmproject
Products Impacted: Firefox Esr, Firefox Focus, Chrome, Libvpx, Firefox
CVE-2023-5129
HIGH | CVSS 8.80 | EPSS Score 0.04 | EPSS Percentile 12.50
Risk Context N/A
Published: Sept. 25, 2023
** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863.
CVE-2023-40044
HIGH | CVSS 8.80 | EPSS Score 0.05 | EPSS Percentile 18.37
Risk Context N/A
Published: Sept. 27, 2023
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
CVE-2023-41992
HIGH | CVSS 7.80 | EPSS Score 0.06 | EPSS Percentile 24.77
CISA Known Exploited, Actively Exploited
Published: Sept. 21, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Vendor Impacted: Apple
Products Impacted: Watchos, Macos, Multiple Products, Ipad Os, Iphone Os
CVE-2023-41064
HIGH | CVSS 7.80 | EPSS Score 0.33 | EPSS Percentile 67.58
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Sept. 7, 2023
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Vendor Impacted: Apple
Products Impacted: Ipados, Ios, Ipados, And Macos, Iphone Os, Macos
CVE-2023-20109
MEDIUM | CVSS 6.60 | EPSS Score 0.04 | EPSS Percentile 12.69
Actively Exploited, Remote Code Execution
Published: Sept. 27, 2023
A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a denial of service (DoS) condition. For more information, see the Details section of this advisory.
CVE-2023-41991
MEDIUM | CVSS 5.50 | EPSS Score 2.02 | EPSS Percentile 87.56
CISA Known Exploited
Published: Sept. 21, 2023
A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Vendor Impacted: Apple
Products Impacted: Watchos, Macos, Multiple Products, Ipad Os, Iphone Os