Snapshot
Dec. 23, 2023 - Dec. 29, 2023
CISA Known Exploited Vulnerabilities
No issues added to the CISA Known Exploited Vulnerability list.
Newswires
APT28 Phishing Campaign Deploying New Malware Uncovered by CERT-UA
The Ukrainian Computer Emergency Response Team (CERT-UA) has issued a warning about a new phishing operation run by the APT28 group, which is linked to Russia.
Dec. 29, 2023

Microsoft Deactivates MSIX Protocol Handler Misused in Malware Attacks
Microsoft has once again deactivated the MSIX ms-appinstaller protocol handler, which has been exploited by numerous financially driven cybercriminal groups to distribute malware to Windows users.
Dec. 28, 2023

Undocumented Hardware Feature Exploited in iPhone Triangulation Attack
The Operation Triangulation spyware has been targeting iPhone users since 2019, exploiting an undocumented feature in Apple chips to circumvent hardware-based security.
Dec. 27, 2023

Barracuda Patches ESG Zero-Day Exploited by Chinese Hackers
Barracuda, a firm specializing in network and email security, has announced that it patched a zero-day vulnerability in all active Email Security Gateway (ESG) appliances on December 21.
Dec. 27, 2023

Vulnerabilities In The News
CVE | Summary | Severity | Vendor | Risk Context
---|---|---|---|---
CVE-2023-49070 (4) | Pre-auth RCE in Apache Ofbiz 18.12.09. | CRITICAL | Apache | Actively Exploited, Remote Code Execution, Public Exploits Available
CVE-2023-2868 (4) | A remote command injection vulnerability exists in the Barracuda Email Security Gateway product affecting versions 5.1.3.001... | CRITICAL | Barracuda Networks, Barracuda | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
CVE-2023-32435 (4) | A memory corruption issue was addressed with improved state management. | HIGH | Apple | CISA Known Exploited
CVE-2023-32434 (6) | An integer overflow was addressed with improved input validation. | HIGH | Apple | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
CVE-2023-41990 (5) | The issue was addressed with improved handling of caches. | HIGH | Apple | Risk Context N/A
CVE-2023-38831 (3) | RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | HIGH | Rarlab | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
CVE-2023-38606 (9) | This issue was addressed with improved state management. | MEDIUM | Apple | CISA Known Exploited
CVE-2023-51467 (5) | The vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery | N/A | | Public Exploits Available
CVE-2023-7102 (5) | Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parame... | N/A | | Risk Context N/A
CVE-2023-7101 (5) | Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. | N/A | | Risk Context N/A
CISA Known Exploited Vulnerabilities
CISA added 0 vulnerabilities to the known exploited vulnerabilities list.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-49070
CRITICAL, CVSS 9.80, EPSS Score 50.12, EPSS Percentile 97.23
Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Dec. 5, 2023
Pre-auth RCE in Apache Ofbiz 18.12.09. It is due to XML-RPC, which is no longer maintained, still being present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10.
Vendor Impacted: Apache
Product Impacted: Ofbiz
CVE-2023-2868
CRITICAL, CVSS 9.80, EPSS Score 2.75, EPSS Percentile 89.50
CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: May 24, 2023
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product affecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
Vendors Impacted: Barracuda Networks, Barracuda
Products Impacted: Email Security Gateway 900, Email Security Gateway 900 Firmware, Email Security Gateway 800 Firmware, Email Security Gateway 800, Email Security Gateway 600 Firmware, Email Security Gateway 400, Email Security Gateway 600, Email Security Gateway 300, Email Security Gateway (Esg) Appliance, Email Security Gateway 400 Firmware, Email Security Gateway 300 Firmware
CVE-2023-32435
HIGH, CVSS 8.80, EPSS Score 0.10, EPSS Percentile 40.94
CISA Known Exploited
Published: June 23, 2023
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
Vendor Impacted: Apple
Products Impacted: Multiple Products, Macos, Iphone Os, Ipados, Safari
CVE-2023-32434
HIGH, CVSS 7.80, EPSS Score 0.07, EPSS Percentile 30.54
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: June 23, 2023
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
Vendor Impacted: Apple
Products Impacted: Multiple Products, Watchos, Macos, Iphone Os, Ipados
CVE-2023-41990
HIGH, CVSS 7.80, EPSS Score 0.08, EPSS Percentile 31.31
Risk Context N/A
Published: Sept. 12, 2023
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.
Vendor Impacted: Apple
Products Impacted: Watchos, Macos, Tvos, Iphone Os, Ipados
CVE-2023-38831
HIGH, CVSS 7.80, EPSS Score 23.40, EPSS Percentile 96.11
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Aug. 23, 2023
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
Vendor Impacted: Rarlab
Product Impacted: Winrar
CVE-2023-38606
MEDIUM, CVSS 5.50, EPSS Score 0.34, EPSS Percentile 68.39
CISA Known Exploited
Published: July 27, 2023
This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.
Vendor Impacted: Apple
Products Impacted: Multiple Products, Watchos, Macos, Tvos, Iphone Os, Ipados
CVE-2023-51467
CVSS Not Assigned, EPSS Score 0.04, EPSS Percentile 12.55
Public Exploits Available
Published: Dec. 26, 2023
The vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF).
CVE-2023-7102
CVSS Not Assigned, EPSS Score 0.04, EPSS Percentile 8.19
Risk Context N/A
Published: Dec. 24, 2023
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection. This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
CVE-2023-7101
CVSS Not Assigned, EPSS Score 0.04, EPSS Percentile 12.19
Risk Context N/A
Published: Dec. 24, 2023
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type "eval". Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.