Snapshot
July 6, 2024 - July 12, 2024
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2024-23692 | Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request. | CRITICAL | Rejetto | July 9, 2024 |
CVE-2024-38080 | Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges. | HIGH | Microsoft | July 9, 2024 |
CVE-2024-38112 | Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability. | HIGH | Microsoft | July 9, 2024 |

Newswires

Critical Vulnerability in Exim Mail Servers Affects 1.5 Million Instances
Censys, a cybersecurity company, has issued a warning that a severe vulnerability exists in over 1.5 million instances of Exim mail transfer agent (MTA).
July 12, 2024

Akira Ransomware: Accelerated Data Exfiltration in Roughly Two Hours
The Akira ransomware group, suspected to be Storm-1567 (also known as Punk Spider and Gold Sahara), has demonstrated the ability to exfiltrate data from victims in just over two hours.
July 11, 2024

Rise in Attacks by Crystalray, the New OSS-Based Threat Actor
Crystalray, a newly discovered cyber threat actor, is leveraging a range of open source software (OSS) tools to boost its operations focused on stealing credentials and cryptomining.
July 11, 2024

PHP Flaw Exploited by Threat Actors to Disseminate Malware and Initiate DDoS Attacks
A security flaw in PHP, known as CVE-2024-4577, is being exploited by various threat actors to spread remote access trojans, cryptocurrency miners, and initiate distributed denial-of-service (DDoS) botnets.
July 11, 2024

VMware Addresses High-Severity SQL-Injection Vulnerability in Aria Automation Product
VMware, a company specializing in virtualization, has addressed a critical SQL-injection vulnerability in its Aria Automation solution.
July 11, 2024

Critical Vulnerability in GitLab Allows Attackers to Execute Pipelines as Other Users
GitLab has warned of a critical vulnerability in its Community and Enterprise editions, which allows attackers to run pipeline jobs as any other user.
July 10, 2024

CISA and FBI Call on Developers to Eliminate OS Command Injection Vulnerabilities
CISA and the FBI have issued a joint advisory to software firms, strongly recommending they scrutinize their products and eliminate any OS command injection vulnerabilities before they are released to the market.
July 10, 2024

Longstanding Windows Zero-Day Exploited for Over a Year
Microsoft recently addressed a zero-day vulnerability in Windows that had been actively exploited in attacks for a year and a half to execute malicious scripts while bypassing security features.
July 10, 2024

Citrix Addresses Critical and High-Severity Bugs in NetScaler Product
Citrix has launched security patches to fix critical and high-risk problems in its NetScaler product.
July 10, 2024

Emerging Ransomware Group Exploits Vulnerability in Veeam Backup Software
EstateRansomware, a newly identified ransomware group, has been exploiting a vulnerability in Veeam Backup & Replication software, according to Group-IB, a Singapore-based cybersecurity firm.
July 10, 2024

New OpenSSH Vulnerability May Lead to Remote Code Execution
A new vulnerability identified as CVE-2024-6409 has been discovered in OpenSSH, the secure networking suite.
July 10, 2024

Microsoft's July Security Update Exploited by Attackers, Patch for 139 Unique CVEs Released
Microsoft's July security update includes patches for a staggering 139 unique Common Vulnerabilities and Exposures (CVEs), two of which are already being exploited by attackers.
July 9, 2024

Blast-RADIUS Attack Exploits RADIUS Authentication Protocol Vulnerability
A new form of attack, known as Blast-RADIUS, is exploiting a weakness in the widely adopted RADIUS/UDP protocol.
July 9, 2024

Global Cybersecurity Agencies Issue Joint Advisory on China-affiliated APT40's Quick Exploit Adaptation
Eight global cybersecurity agencies have jointly warned about the rapid adaptability of a China-affiliated cyber espionage group, APT40.
July 9, 2024

Ghostscript Library's RCE Bug Now Being Exploited in Attacks
The Ghostscript document conversion toolkit, prevalent on many Linux systems, is under attack due to a remote code execution (RCE) vulnerability.
July 8, 2024

CISA Includes Cisco NX-OS Command Injection Vulnerability in its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a Cisco NX-OS Command Injection Vulnerability, designated as CVE-2024-20399.
July 8, 2024

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2024-38077 (6) | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | CRITICAL | Microsoft | Remote Code Execution |
CVE-2024-38076 (6) | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | CRITICAL | Microsoft | Remote Code Execution |
CVE-2024-6387 (8) | A security regression was discovered in OpenSSH's server. | HIGH | Openbsd, Freebsd, Netbsd, Redhat, Debian, Canonical, Suse, Netapp, Amazon | Remote Code Execution, Public Exploits Available |
CVE-2024-35264 (7) | .NET and Visual Studio Remote Code Execution Vulnerability | HIGH | | Remote Code Execution |
CVE-2024-38080 (13) | Windows Hyper-V Elevation of Privilege Vulnerability | HIGH | Microsoft | CISA Known Exploited |
CVE-2024-38112 (14) | Windows MSHTML Platform Spoofing Vulnerability | HIGH | Microsoft | CISA Known Exploited |
CVE-2024-6235 (7) | Sensitive information disclosure in NetScaler Console | N/A | | Risk Context N/A |
CVE-2024-3596 (7) | RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response to an... | N/A | | Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2024-6236 (6) | Denial of Service in NetScaler Console, NetScaler Agent, and NetScaler SDX | N/A | | Risk Context N/A |

CISA Known Exploited Vulnerabilities
CISA added three vulnerabilities to the known exploited vulnerabilities list.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2024-38077
CRITICAL, CVSS 9.80, EPSS Score 0.14, EPSS Percentile 50.58
Remote Code Execution
Published: July 9, 2024
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows Server 2022 23h2, Windows Server 2012, Windows Server 2008, Windows Server 2016, Windows Server 2022, Windows Server 2019

CVE-2024-38076
CRITICAL, CVSS 9.80, EPSS Score 0.14, EPSS Percentile 50.58
Remote Code Execution
Published: July 9, 2024
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows Server 2016, Windows Server 2022, Windows Server 2019, Windows Server 2022 23h2

CVE-2024-6387
HIGH, CVSS 8.10, EPSS Score 36.87, EPSS Percentile 97.22
Remote Code Execution, Public Exploits Available
Published: July 1, 2024
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Vendors Impacted: Openbsd, Freebsd, Netbsd, Redhat, Debian, Canonical, Suse, Netapp, Amazon
Products Impacted: Linux Enterprise Micro, Openshift Container Platform, Ontap Tools, Enterprise Linux For Ibm Z Systems Eus, Enterprise Linux Server Aus, Enterprise Linux For Arm 64 Eus, Ubuntu Linux, Ontap Select Deploy Administration Utility, Openssh, Freebsd, Netbsd, Linux 2023, Debian Linux, Enterprise Linux For Arm 64, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Power Little Endian Eus, Enterprise Linux, Enterprise Linux For Power Little Endian, E-Series Santricity Os Controller, Enterprise Linux Eus

CVE-2024-35264
HIGH, CVSS 8.10, EPSS Score 0.09, EPSS Percentile 39.40
Remote Code Execution
Published: July 9, 2024
.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-38080
HIGH, CVSS 7.80, EPSS Score 0.04, EPSS Percentile 9.80
CISA Known Exploited
Published: July 9, 2024
Windows Hyper-V Elevation of Privilege Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows 11 23h2, Windows Server 2022, Windows 11 22h2, Windows Server 2022 23h2, Windows, Windows 11 21h2

CVE-2024-38112
HIGH, CVSS 7.50, EPSS Score 1.61, EPSS Percentile 87.60
CISA Known Exploited
Published: July 9, 2024
Windows MSHTML Platform Spoofing Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows 10 1507, Windows, Windows Server 2022 23h2, Windows 11 23h2, Windows Server 2008, Windows Server 2012, Windows 10 1607, Windows 10 1809, Windows Server 2016, Windows 10 21h2, Windows Server 2019, Windows Server 2022, Windows 11 22h2, Windows 10 22h2, Windows 11 21h2

CVE-2024-3596
CVSS Not Assigned, EPSS Score 0.04, EPSS Percentile 15.93
Actively Exploited, Remote Code Execution, Public Exploits Available
Published: July 9, 2024
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.