Snapshot
Jan. 11, 2025 - Jan. 17, 2025
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2024-50603 | Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test. | CRITICAL | Aviatrix | Jan. 16, 2025 |
CVE-2024-55591 | Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module. | CRITICAL | Fortinet | Jan. 14, 2025 |
CVE-2025-21335 | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | HIGH | Microsoft | Jan. 14, 2025 |
CVE-2025-21334 | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | HIGH | Microsoft | Jan. 14, 2025 |
CVE-2025-21333 | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges. | HIGH | Microsoft | Jan. 14, 2025 |
CVE-2023-48365 | Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software. | CRITICAL | Qlik | Jan. 13, 2025 |
CVE-2024-12686 | BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute underlying operating system commands within the context of the site user. | HIGH | BeyondTrust | Jan. 13, 2025 |
Newswires

15,000 Fortinet Device Configurations Exposed on Dark Web
A significant amount of dated configuration data and VPN credentials for 15,474 Fortinet devices have been freely posted on the dark web.
Jan. 17, 2025

UEFI Secure Boot Vulnerability Exposes Systems to Bootkit Attacks
A severe security vulnerability in the Unified Extensible Firmware Interface (UEFI) systems, which could have allowed attackers to bypass the Secure Boot mechanism, has been patched.
Jan. 16, 2025

Malicious Code Hidden in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
Cyber criminals have been identified using a novel approach to deliver malware, hiding malicious code within images.
Jan. 16, 2025

RansomHub Ransomware Exploits Network Vulnerabilities via Python-Based Malware
GuidePoint Security's cybersecurity researchers have unearthed a cyberattack that involves a threat actor using a Python-based backdoor to maintain persistent entry to compromised systems, which is then used to deploy the RansomHub ransomware throughout the victim's network.
Jan. 16, 2025

Ivanti Endpoint Manager: Critical Security Flaws Uncovered
Security updates have been released by Ivanti to fix a number of vulnerabilities affecting Avalanche, Application Control Engine, and Endpoint Manager (EPM).
Jan. 16, 2025

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2025-21311 (3) | Windows NTLM V1 Elevation of Privilege Vulnerability | CRITICAL | Microsoft | Risk Context N/A |
CVE-2025-21298 (3) | Windows OLE Remote Code Execution Vulnerability | CRITICAL | Microsoft | Remote Code Execution Public Exploits Available |
CVE-2024-55591 (2) | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7... | CRITICAL | Fortinet | CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2022-40684 (2) | An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0... | CRITICAL | Fortinet | CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2024-7344 (2) | Howyar UEFI Application "Reloader" is vulnerable to execution of unsigned software in a hardcoded path. | HIGH | Radix, Wasay, Howyar, Ces, Greenware, Signalcomputer, Sanfong | Remote Code Execution |
CVE-2025-21395 (2) | Microsoft Access Remote Code Execution Vulnerability | HIGH | Microsoft | Remote Code Execution |
CVE-2025-21366 (2) | Microsoft Access Remote Code Execution Vulnerability | HIGH | Microsoft | Remote Code Execution |
CVE-2025-21186 (2) | Microsoft Access Remote Code Execution Vulnerability | HIGH | Microsoft | Remote Code Execution |
CVE-2024-8531 (1) | CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert s... | HIGH | | Risk Context N/A |
CVE-2024-8530 (1) | CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an ... | MEDIUM | | Risk Context N/A |

CISA Known Exploited Vulnerabilities
CISA added seven vulnerabilities to the known exploited vulnerabilities list.
Aviatrix — Controllers |
CVE-2024-50603 / Added: Jan. 16, 2025 |
CRITICAL CVSS 9.80 EPSS Score 88.88 EPSS Percentile 99.00 |
Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test. |
Fortinet — FortiOS and FortiProxy |
CVE-2024-55591 / Added: Jan. 14, 2025 |
CRITICAL CVSS 9.80 EPSS Score 2.63 EPSS Percentile 90.23 |
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module. |
Microsoft — Windows |
CVE-2025-21335 / Added: Jan. 14, 2025 |
HIGH CVSS 7.80 EPSS Score 0.10 EPSS Percentile 42.55 |
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. |
Microsoft — Windows |
CVE-2025-21334 / Added: Jan. 14, 2025 |
HIGH CVSS 7.80 EPSS Score 0.10 EPSS Percentile 42.55 |
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. |
Microsoft — Windows |
CVE-2025-21333 / Added: Jan. 14, 2025 |
HIGH CVSS 7.80 EPSS Score 0.05 EPSS Percentile 22.74 |
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges. |
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2025-21311 |
CRITICAL CVSS 9.80 EPSS Score 0.14 EPSS Percentile 51.15 |
Risk Context N/A |
Published: Jan. 14, 2025 |
Windows NTLM V1 Elevation of Privilege Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: Windows Server 2025, Windows 11 24h2, Windows Server 2022 23h2 |
CVE-2025-21298 |
CRITICAL CVSS 9.80 EPSS Score 0.05 EPSS Percentile 23.85 |
Remote Code Execution Public Exploits Available |
Published: Jan. 14, 2025 |
Windows OLE Remote Code Execution Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: Windows Server 2025, Windows 11 24h2, Windows Server 2008, Windows 10 1809, Windows 11 22h2, Windows Server 2016, Windows Server 2022 23h2, Windows Server 2022, Windows 10 1507, Windows Server 2019, Windows 10 21h2, Windows 10 1607, Windows 10 22h2, Windows Server 2012, Windows 11 23h2 |
CVE-2024-55591 |
CRITICAL CVSS 9.80 EPSS Score 2.63 EPSS Percentile 90.23 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: Jan. 14, 2025 |
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module. |
Vendor Impacted: Fortinet |
Products Impacted: Fortiproxy, Fortios, Fortios And Fortiproxy |
CVE-2022-40684 |
CRITICAL CVSS 9.80 EPSS Score 97.24 EPSS Percentile 99.92 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: Oct. 18, 2022 |
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. |
Vendor Impacted: Fortinet |
Products Impacted: Fortiproxy, Fortiswitchmanager, Fortios, Multiple Products |
CVE-2024-7344 |
HIGH CVSS 8.20 EPSS Score 0.04 EPSS Percentile 0.29 |
Remote Code Execution |
Published: Jan. 14, 2025 |
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. |
Vendors Impacted: Radix, Wasay, Howyar, Ces, Greenware, Signalcomputer, Sanfong |
Products Impacted: Neoimpact, Greenguard, Erecoveryrx, Hdd King, Ez-Back System, Sysreturn, Smartrecovery |
CVE-2025-21395 |
HIGH CVSS 7.80 EPSS Score 0.05 EPSS Percentile 22.19 |
Remote Code Execution |
Published: Jan. 14, 2025 |
Microsoft Access Remote Code Execution Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: 365 Apps, Access, Office |
CVE-2025-21366 |
HIGH CVSS 7.80 EPSS Score 0.05 EPSS Percentile 22.19 |
Remote Code Execution |
Published: Jan. 14, 2025 |
Microsoft Access Remote Code Execution Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: 365 Apps, Access, Office |
CVE-2025-21186 |
HIGH CVSS 7.80 EPSS Score 0.05 EPSS Percentile 22.19 |
Remote Code Execution |
Published: Jan. 14, 2025 |
Microsoft Access Remote Code Execution Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: 365 Apps, Access, Office |
CVE-2024-8531 |
HIGH CVSS 7.20 EPSS Score 0.07 EPSS Percentile 31.25 |
Risk Context N/A |
Published: Oct. 11, 2024 |
CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root. |
CVE-2024-8530 |
MEDIUM CVSS 5.90 EPSS Score 0.07 EPSS Percentile 31.25 |
Risk Context N/A |
Published: Oct. 11, 2024 |
CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS. |