Snapshot
July 29, 2023 - Aug. 4, 2023
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2023-35081 | Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable). | HIGH | Ivanti | July 31, 2023 |

Newswires

Top Exploited Cybersecurity Vulnerabilities of 2022 Unveiled by FBI, CISA, and NSA
The cybersecurity authorities of the Five Eyes alliance, which includes the United States, Australia, Canada, New Zealand, and the United Kingdom, in collaboration with the FBI, CISA, and NSA, have released a list of the 12 most exploited security vulnerabilities of 2022.
Aug. 3, 2023

Milesight Industrial Router Faces Multiple RCE Vulnerabilities: Cisco Talos Report
Cisco Talos has issued a warning about numerous vulnerabilities present in the Milesight UR32L industrial router.
Aug. 3, 2023

Ivanti Reveals Critical Authentication Bypass Vulnerability in MobileIron Core
Ivanti, an IT software enterprise, has announced a critical security flaw in its MobileIron Core mobile device management software.
Aug. 2, 2023

Ongoing Attacks Breach Over 640 Citrix Servers Exploiting Critical RCE Vulnerability
In a series of ongoing attacks, over 640 Citrix Netscaler ADC and Gateway servers have been compromised.
Aug. 2, 2023

Critical Security Flaw Discovered in Stripe Payment Plugin for WooCommerce
A significant security vulnerability, known as CVE-2023-3162, has been identified in the Stripe Payment Plugin for WooCommerce.
Aug. 2, 2023

CISA Catalog Includes Second Actively Exploited Ivanti EPMM Flaw
The US Cybersecurity and Infrastructure Security Agency (CISA) has included a second actively exploited vulnerability of Ivanti's Endpoint Manager Mobile (EPMM, formerly MobileIron Core) in its Known Exploited Vulnerabilities Catalog.
Aug. 2, 2023

Critical Security Flaw in MikroTik RouterOS Exposes Hundreds of Thousands of Devices
A recently revealed report has highlighted a critical privilege escalation vulnerability, CVE-2023-30799, in the MikroTik RouterOS system.
July 31, 2023

P2PInfect Worm Launches Undocumented Attacks on Redis Servers
The P2PInfect worm, a peer-to-peer (P2P) malware, has been detected using novel initial entry techniques to compromise vulnerable Redis servers and integrate them into a botnet.
July 31, 2023

CISA Investigates Malware Deployed in Barracuda ESG Attacks
The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed analysis reports on three malware families used in an attack leveraging a remote command injection vulnerability in Barracuda Email Security Gateway (ESG).
July 31, 2023

Critical RCE Flaw in Citrix ShareFile Under Attack
Cybersecurity experts have raised an alarm, warning that a critical remote code execution (RCE) flaw in Citrix ShareFile, a popular cloud-based file-sharing application, has come under attack.
July 31, 2023

Active Exploitation of New Vulnerability in Ivanti Endpoint Manager Mobile
Ivanti has reported a new vulnerability in its Endpoint Manager Mobile (EPMM), previously known as MobileIron Core.
July 30, 2023

Exploiting the MobileIron Zero-Day Bug: Researcher Reveals a Proof-of-Concept
A zero-day authentication bypass vulnerability is posing a threat to mobile device management worldwide.
July 29, 2023

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2022-0543 (3) | It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a Lua sandbox escape, ... | CRITICAL | Debian, Redis | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-35078 (22) | Ivanti Endpoint Manager Mobile, formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an admin... | CRITICAL | Ivanti | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-2868 (6) | A remote command injection vulnerability exists in the Barracuda Email Security Gateway product affecting versions 5.1.3.001... | CRITICAL | Barracuda Networks, Barracuda | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
CVE-2023-3519 (5) | Unauthenticated remote code execution | CRITICAL | Citrix | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2018-13379 (5) | An Improper Limitation of a Pathname to a Restricted Directory in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 ... | CRITICAL | Fortinet | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-35081 (19) | A path traversal vulnerability in Ivanti EPMM versions allows an authenticated administrator to write arbitrary files onto t... | HIGH | Ivanti | CISA Known Exploited |
CVE-2023-30799 (4) | MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. | HIGH | MikroTik | Actively Exploited, Remote Code Execution |
CVE-2023-37979 (2) | Unauth. | MEDIUM | | Public Exploits Available |
CVE-2023-20583 (5) | A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power c... | MEDIUM | AMD | Remote Code Execution |

CISA Known Exploited Vulnerabilities
CISA added one vulnerability to the known exploited vulnerabilities list.
In The News
Vulnerabilities receiving the most attention in traditional news media.

CVE-2022-0543
CRITICAL | CVSS 10.00 | EPSS Score 97.27 | EPSS Percentile 99.76
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Feb. 18, 2022
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
Vendors Impacted: Debian, Redis
Products Impacted: Debian-Specific Redis Servers, Redis, Debian Linux

CVE-2023-35078
CRITICAL | CVSS 9.80 | EPSS Score 11.14 | EPSS Percentile 94.38
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: July 25, 2023
Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available.
Vendor Impacted: Ivanti
Products Impacted: Endpoint Manager Mobile, Endpoint Manager Mobile (EPMM)

CVE-2023-2868
CRITICAL | CVSS 9.80 | EPSS Score 2.77 | EPSS Percentile 89.21
CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: May 24, 2023
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product affecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar files (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
Vendors Impacted: Barracuda Networks, Barracuda
Products Impacted: Email Security Gateway 600 Firmware, Email Security Gateway 400 Firmware, Email Security Gateway 800 Firmware, Email Security Gateway (ESG) Appliance, Email Security Gateway 600, Email Security Gateway 800, Email Security Gateway 300 Firmware, Email Security Gateway 900 Firmware, Email Security Gateway 400, Email Security Gateway 900, Email Security Gateway 300

CVE-2023-3519
CRITICAL | CVSS 9.80 | EPSS Score 4.69 | EPSS Percentile 91.52
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: July 19, 2023
Unauthenticated remote code execution
Vendor Impacted: Citrix
Products Impacted: Netscaler ADC and Netscaler Gateway, Netscaler Gateway, Netscaler Application Delivery Contr

CVE-2018-13379
CRITICAL | CVSS 9.80 | EPSS Score 97.49 | EPSS Percentile 99.95
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: June 4, 2019
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via specially crafted HTTP resource requests.
Vendor Impacted: Fortinet
Product Impacted: FortiOS

CVE-2023-35081
HIGH | CVSS 7.20
CISA Known Exploited
Published: Aug. 3, 2023
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
Vendor Impacted: Ivanti
Product Impacted: Endpoint Manager Mobile (EPMM)

CVE-2023-30799
HIGH | CVSS 7.20 | EPSS Score 0.06 | EPSS Percentile 20.78
Actively Exploited, Remote Code Execution
Published: July 19, 2023
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.
Vendor Impacted: MikroTik
Product Impacted: RouterOS

CVE-2023-37979
MEDIUM | CVSS 6.10 | EPSS Score 0.04 | EPSS Percentile 6.96
Public Exploits Available
Published: July 27, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

CVE-2023-20583
MEDIUM | CVSS 4.70 | EPSS Score 0.04 | EPSS Percentile 6.93
Remote Code Execution
Published: Aug. 1, 2023
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information.
Vendor Impacted: AMD
Product Impacted: *