Snapshot
Aug. 12, 2023 - Aug. 18, 2023
CISA Known Exploited Vulnerabilities
CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2023-24489 | Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile storage zones controllers. | CRITICAL | Citrix | Aug. 16, 2023 |
Newswires
Headline | Summary | Date |
---|---|---|
LabRat Operation: Cryptomining Campaign Uses TryCloudflare to Conceal Infrastructure | Sysdig, a cloud security firm, has recently uncovered a new financially driven operation named 'LabRat'. | Aug. 18, 2023 |
New BlackCat Ransomware Variant Incorporates Advanced Impacket and RemCom Tools | Microsoft has recently discovered a new variant of the BlackCat ransomware, also known as ALPHV and Noberus, that uses advanced tools such as Impacket and RemCom to facilitate lateral movement and remote code execution. | Aug. 18, 2023 |
Global Phishing Campaign Targets Zimbra Email Servers | A phishing campaign has been active since at least April 2023, aiming to hijack accounts from Zimbra Collaboration email servers across the globe. | Aug. 17, 2023 |
Google's AI Integration into Fuzz Testing Yields Significant Results | Google has successfully integrated artificial intelligence into its open-source fuzz testing infrastructure, which has led to a significant improvement in code coverage. | Aug. 17, 2023 |
Play Ransomware Group Launches Global Campaign Against MSPs | The Play ransomware group, also tracked as PlayCrypt by researchers at Adlumin, is currently executing a widespread cyberattack campaign against managed service providers (MSPs) worldwide. | Aug. 17, 2023 |
Rapid7 Report Highlights High ROI for Ransomware and Increasing Use of Zero-Day Exploits | Rapid7's mid-year review paints a grim picture of the current cybersecurity landscape. | Aug. 17, 2023 |
Critical Citrix ShareFile Vulnerability Exploited: CISA Issues Warning | The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability in Citrix ShareFile, a secure file transfer and cloud storage solution. | Aug. 16, 2023 |
Ivanti Addresses Critical Flaws in Avalanche Enterprise MDM Solution | Ivanti, a global IT solutions provider, has released patches for a series of critical and high-severity vulnerabilities identified in its enterprise mobile device management (MDM) solution, Avalanche. | Aug. 16, 2023 |
Critical OpenNMS Vulnerability Allows Data Theft and Triggers Denial of Service | OpenNMS, a popular open-source network monitoring software, has been found to have a high-severity vulnerability. | Aug. 15, 2023 |
Massive Hacking Campaign Targets Nearly 2,000 Citrix NetScaler Servers | An extensive hacking campaign has compromised nearly 2,000 Citrix NetScaler servers. | Aug. 15, 2023 |
Mandiant Rolls Out Scanner to Detect Compromised Citrix Devices | Mandiant has developed a scanner to determine whether a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance has been compromised in extensive attacks that exploited the CVE-2023-3519 vulnerability. | Aug. 15, 2023 |
Critical Security Flaw in PostgreSQL Database System: CVE-2023-39417 | PostgreSQL, a powerful open-source object-relational database system that has been a go-to choice for various applications, has been found to contain a severe security vulnerability. | Aug. 14, 2023 |
Colorado Alerts 4 Million Citizens of Data Breach Following IBM MOVEit Exploit | The Colorado Department of Health Care Policy & Financing (HCPF) has issued a data breach notification to more than four million individuals whose personal and health information was compromised. | Aug. 14, 2023 |
Critical Remote Code Execution Vulnerability in Ghostscript: PoC Released | A proof-of-concept (PoC) exploit code for a recently revealed severe security vulnerability in Ghostscript, an open-source PDF library, is now accessible. | Aug. 14, 2023 |
Critical Vulnerabilities in Iagona's ScrutisWeb ATM Software Could Enable Remote Attacks | Several serious security flaws have been found in the ScrutisWeb ATM fleet monitoring software, developed by French firm Iagona. | Aug. 14, 2023 |
Vulnerabilities In The News
CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2023-3519 (12) | Unauthenticated remote code execution | CRITICAL | Citrix | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-24489 (7) | A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could al... | CRITICAL | Citrix | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-32560 (6) | An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption ... | CRITICAL | | Risk Context N/A |
CVE-2023-3259 (5) | The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. | CRITICAL | | Risk Context N/A |
CVE-2023-32564 (4) | An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allo... | CRITICAL | | Risk Context N/A |
CVE-2023-32563 (4) | An unauthenticated attacker could achieve code execution through a RemoteControl server. | CRITICAL | | Risk Context N/A |
CVE-2023-32562 (4) | An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allo... | CRITICAL | | Risk Context N/A |
CVE-2023-3267 (5) | When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. | CRITICAL | | Risk Context N/A |
CVE-2023-32566 (5) | An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-base... | CRITICAL | | Remote Code Execution |
CVE-2023-32561 (5) | A previously generated artifact by an administrator could be accessed by an attacker. | HIGH | | Risk Context N/A |
CISA Known Exploited Vulnerabilities
CISA added one vulnerability to the known exploited vulnerabilities list.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-3519
CRITICAL | CVSS 9.80 | EPSS Score 91.20 | EPSS Percentile 98.47
Risk Context: CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: July 19, 2023
Unauthenticated remote code execution
Vendor Impacted: Citrix
Products Impacted: Netscaler Gateway, Netscaler Application Delivery Contr, Netscaler Adc And Netscaler Gateway
CVE-2023-24489
CRITICAL | CVSS 9.80 | EPSS Score 96.73 | EPSS Percentile 99.50
Risk Context: CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: July 10, 2023
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.
Vendor Impacted: Citrix
Products Impacted: Content Collaboration, Sharefile Storage Zones Controller
CVE-2023-32560
CRITICAL | CVSS 9.80 | EPSS Score 0.13 | EPSS Percentile 47.93
Risk Context N/A
Published: Aug. 10, 2023
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a researcher at Tenable for finding and reporting. Fixed in version 6.4.1.
CVE-2023-3259
CRITICAL | CVSS 9.80 | EPSS Score 0.04 | EPSS Percentile 7.00
Risk Context N/A
Published: Aug. 14, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rogue database. Successful exploitation allows the malicious agent to take actions with administrator privileges including, but not limited to, manipulating power levels, modifying user accounts, and exporting confidential user information.
CVE-2023-32564
CRITICAL | CVSS 9.80 | EPSS Score 0.56 | EPSS Percentile 74.75
Risk Context N/A
Published: Aug. 10, 2023
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve remote code execution.
CVE-2023-32563
CRITICAL | CVSS 9.80 | EPSS Score 1.05 | EPSS Percentile 82.17
Risk Context N/A
Published: Aug. 10, 2023
An unauthenticated attacker could achieve code execution through a RemoteControl server.
CVE-2023-32562
CRITICAL | CVSS 9.80 | EPSS Score 0.56 | EPSS Percentile 74.75
Risk Context N/A
Published: Aug. 10, 2023
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve remote code execution. Fixed in version 6.4.1.
CVE-2023-3267
CRITICAL | CVSS 9.10 | EPSS Score 0.04 | EPSS Percentile 5.84
Risk Context N/A
Published: Aug. 14, 2023
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT AUTHORITY\SYSTEM. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.
CVE-2023-32566
CRITICAL | CVSS 9.10 | EPSS Score 0.41 | EPSS Percentile 70.74
Risk Context: Remote Code Execution
Published: Aug. 10, 2023
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
CVE-2023-32561
HIGH | CVSS 7.50 | EPSS Score 0.41 | EPSS Percentile 70.74
Risk Context N/A
Published: Aug. 10, 2023
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.