Snapshot
July 8, 2023 - July 14, 2023
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2022-29303 | SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server. | CRITICAL | SolarView | July 13, 2023 |
CVE-2023-37450 | Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that can allow an attacker to execute code when processing web content. | N/A | Apple | July 13, 2023 |
CVE-2022-31199 | Netwrix Auditor User Activity Video Recording component contains an insecure object deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling. | CRITICAL | Netwrix | July 11, 2023 |
CVE-2023-35311 | Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt. | HIGH | Microsoft | July 11, 2023 |
CVE-2023-32049 | Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt. | HIGH | Microsoft | July 11, 2023 |
CVE-2023-32046 | Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation. | HIGH | Microsoft | July 11, 2023 |
CVE-2023-36874 | Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation. | HIGH | Microsoft | July 11, 2023 |
Newswires |
||||
Critical Vulnerability Detected in Cisco SD-WAN vManage Software
Cisco's SD-WAN vManage, a cloud-based solution used by organizations for managing distributed networks across multiple locations, has been found to contain a critical vulnerability. |
July 13, 2023 |
|||
Zimbra Calls for Manual Patching of Actively Exploited Zero-Day Vulnerability
Zimbra, the company behind Zimbra Collaboration Suite (ZCS), is asking its customers to manually update their systems due to an actively exploited zero-day vulnerability. |
July 13, 2023 |
|||
BlackLotus UEFI Malware Source Code Leaked on GitHub
The BlackLotus UEFI bootkit, a malware that targets Windows systems and can bypass Secure Boot on fully patched Windows 11 installations, has had its source code leaked online. |
July 13, 2023 |
|||
Critical Vulnerabilities Discovered in Honeywell Industrial Control Systems
Armis, a cybersecurity firm, has identified multiple vulnerabilities in Honeywell's distributed control system (DCS) products, potentially exposing industrial organizations to cyber-attacks. |
July 13, 2023 |
|||
Critical Security Flaws Patched in SonicWall's GMS and Analytics Products
SonicWall, a leader in network security, has released patches for 15 vulnerabilities found in its Global Management System (GMS) and Analytics products. |
July 13, 2023 |
|||
APT Group Targets Rockwell Automation Flaws, Poses Threat to Critical Infrastructure
An undisclosed Advanced Persistent Threat (APT) group has identified and is exploiting two vulnerabilities in Rockwell Automation products. |
July 13, 2023 |
|||
Apple Rectifies and Re-Releases Security Update Following WebKit Zero-Day Vulnerability
Apple has addressed and re-released critical security updates that tackle a WebKit zero-day vulnerability that was being taken advantage of in cyber attacks. |
July 12, 2023 |
|||
Critical Remote Code Execution Vulnerability Discovered in Ghostscript PDF Library
Ghostscript, a popular open-source interpreter for the PostScript language and PDF files that is widely used in Linux, has been found to have a severe remote code execution flaw. |
July 12, 2023 |
|||
Critical Remote Code Execution Vulnerability Detected in Fortinet's FortiOS and FortiProxy Devices
Fortinet, a leading cybersecurity solutions provider, has reported a critical severity flaw in its FortiOS and FortiProxy devices. |
July 12, 2023 |
|||
Critical Vulnerability in Citrix Secure Access Client for Ubuntu Patched
Citrix has addressed a critical vulnerability in its Secure Access client for Ubuntu that could potentially lead to remote code execution (RCE). |
July 12, 2023 |
|||
SAP Addresses Critical Flaw in ECC and S/4HANA Products with New Security Patches
On its July 2023 Security Patch Day, SAP, the German enterprise software maker, unveiled 16 fresh security notes. |
July 12, 2023 |
|||
Microsoft Reveals Unpatched Office Zero-Day Exploited During NATO Summit
Microsoft has announced the discovery of an unpatched zero-day security vulnerability in several of its Windows and Office products. |
July 11, 2023 |
|||
Microsoft's July 2023 Patch Tuesday Addresses 132 Vulnerabilities, Including 6 Zero-Days
Microsoft's July 2023 Patch Tuesday has seen the release of security updates addressing 132 flaws, six of which are zero-days that are being actively exploited. |
July 11, 2023 |
|||
Apple's Emergency Security Updates Disrupt Web Browsing on Some Sites
Apple has confirmed that the emergency security updates it released on Monday, aimed at addressing a zero-day vulnerability, have inadvertently caused browsing issues on some websites. |
July 11, 2023 |
|||
Critical Exploit in VMware vRealize: A Call for Urgent Patching
VMware has alerted its customers about the existence of exploit code for a critical flaw (CVE-2023-20864) in the VMware Aria Operations for Logs analysis tool. |
July 10, 2023 |
|||
Apple Rolls Out Urgent Security Update to Address Active Zero-Day Exploits
Apple has launched a Rapid Security Response (RSR) to address an active zero-day vulnerability, identified as CVE-2023-37450, affecting fully-patched iPhones, iPads, and Macs. |
July 10, 2023 |
|||
PoC Exploit Released for Recent Ubiquiti EdgeRouter Flaw
A vulnerability recently patched in Ubiquiti's EdgeRouter and AirCube devices could be exploited to execute arbitrary code, according to SSD Secure Disclosure, a firm that reports on such vulnerabilities. |
July 10, 2023 |
|||
RomCom RAT Cyber Attacks Target NATO Summit and Ukraine Support Groups
The RomCom RAT is suspected of launching phishing attacks targeting the forthcoming NATO Summit in Vilnius and a group assisting Ukraine. |
July 10, 2023 |
|||
Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2023-3595 (5) | Where this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it c... | CRITICAL | | Actively Exploited, Remote Code Execution |
CVE-2023-32049 (9) | Windows SmartScreen Security Feature Bypass Vulnerability | HIGH | Microsoft | CISA Known Exploited |
CVE-2023-35311 (8) | Microsoft Outlook Security Feature Bypass Vulnerability | HIGH | Microsoft | CISA Known Exploited |
CVE-2023-32046 (8) | Windows MSHTML Platform Elevation of Privilege Vulnerability | HIGH | Microsoft | CISA Known Exploited |
CVE-2022-30190 (6) | Microsoft Windows Support Diagnostic Tool Remote Code Execution Vulnerability. | HIGH | Microsoft | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-36874 (5) | Windows Error Reporting Service Elevation of Privilege Vulnerability | HIGH | Microsoft | CISA Known Exploited |
CVE-2023-36884 (17) | Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. | N/A | | Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
CISA Known Exploited Vulnerabilities
CISA added seven vulnerabilities to the known exploited vulnerabilities list.
SolarView — Compact |
CVE-2022-29303 / Added: July 13, 2023 |
CRITICAL CVSS 9.80 EPSS Score 96.07 EPSS Percentile 99.24 |
SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server. |
Microsoft — Outlook |
CVE-2023-35311 / Added: July 11, 2023 |
HIGH CVSS 8.80 EPSS Score 0.75 EPSS Percentile 78.60 |
Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt. |
Microsoft — Windows |
CVE-2023-32046 / Added: July 11, 2023 |
HIGH CVSS 7.80 EPSS Score 0.08 EPSS Percentile 31.09 |
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation. |
Microsoft — Windows |
CVE-2023-36874 / Added: July 11, 2023 |
HIGH CVSS 7.80 EPSS Score 0.14 EPSS Percentile 49.48 |
Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation. |
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-3595 |
CRITICAL CVSS 9.80 EPSS Score 0.04 EPSS Percentile 12.54 |
Actively Exploited Remote Code Execution |
Published: July 12, 2023 |
Where this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device. |
CVE-2023-32049 |
HIGH CVSS 8.80 EPSS Score 0.79 EPSS Percentile 79.31 |
CISA Known Exploited |
Published: July 11, 2023 |
Windows SmartScreen Security Feature Bypass Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: Windows 11 22h2, Windows 11 21h2, Windows, Windows 10 1607, Windows Server 2022, Windows Server 2016, Windows 10 21h2, Windows Server 2019, Windows 10 1809, Windows 10 22h2 |
CVE-2023-35311 |
HIGH CVSS 8.80 EPSS Score 0.75 EPSS Percentile 78.60 |
CISA Known Exploited |
Published: July 11, 2023 |
Microsoft Outlook Security Feature Bypass Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: 365 Apps, Outlook, Office Long Term Servicing Channel, Office |
CVE-2023-32046 |
HIGH CVSS 7.80 EPSS Score 0.08 EPSS Percentile 31.09 |
CISA Known Exploited |
Published: July 11, 2023 |
Windows MSHTML Platform Elevation of Privilege Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: Windows 11 22h2, Windows 11 21h2, Windows, Windows 10 1607, Windows Server 2022, Windows Server 2016, Windows Server 2008, Windows 10 1507, Windows 10 21h2, Windows Server 2019, Windows 10 1809, Windows Server 2012, Windows 10 22h2 |
CVE-2022-30190 |
HIGH CVSS 7.80 EPSS Score 97.32 EPSS Percentile 99.80 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: June 1, 2022 |
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. |
Vendor Impacted: Microsoft |
Products Impacted: Windows 10, Windows Rt 8.1, Windows 8.1, Windows, Windows Server 2022, Windows 11, Windows 7, Windows Server 2016, Windows Server 2008, Windows Server 2019, Windows Server 2012 |
CVE-2023-36874 |
HIGH CVSS 7.80 EPSS Score 0.14 EPSS Percentile 49.48 |
CISA Known Exploited |
Published: July 11, 2023 |
Windows Error Reporting Service Elevation of Privilege Vulnerability |
Vendor Impacted: Microsoft |
Product Impacted: Windows |
CVE-2023-36884 |
CVSS Not Assigned EPSS Score 0.05 EPSS Percentile 17.49 |
Actively Exploited Remote Code Execution Used In Ransomware Public Exploits Available |
Published: July 11, 2023 |
Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This might include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Please see the Microsoft Threat Intelligence Blog Entry (https://aka.ms/Storm-0978) for important information about steps you can take to protect your system from this vulnerability. This CVE will be updated with new information and links to security updates when they become available. |