Snapshot
July 22, 2023 - July 28, 2023
CISA Known Exploited Vulnerabilities

| CVE | Summary | Severity | Vendor | Date Added |
|---|---|---|---|---|
| CVE-2023-37580 | Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability impacting the confidentiality and integrity of data. | N/A | Zimbra | July 27, 2023 |
| CVE-2023-38606 | Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive kernel state. | N/A | Apple | July 26, 2023 |
| CVE-2023-35078 | Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes, including creating an EPMM administrative account that can make further changes to a vulnerable system. | N/A | Ivanti | July 25, 2023 |
Newswires

CISA Discovers New Submarine Malware in Hacked Barracuda ESG Appliances
The Cybersecurity and Infrastructure Security Agency (CISA) has identified a new malware strain, referred to as Submarine, in Barracuda ESG (Email Security Gateway) appliances.
July 28, 2023

Ivanti Addresses New Zero-Day Exploit Used in Norwegian Government Attacks
Ivanti has released security patches to address a path traversal flaw, identified as CVE-2023-35081, in its Endpoint Manager Mobile software, previously named MobileIron Core.
July 28, 2023

CISA Highlights Security Risks from IDOR Web App Vulnerabilities
In a joint advisory released today, the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the U.S. National Security Agency (NSA) have alerted about the significant breach risks tied to insecure direct object reference (IDOR) vulnerabilities that affect web applications.
July 28, 2023

First Exploitation of Citrix ShareFile RCE Vulnerability Detected
The exploitation of a recent critical vulnerability in Citrix ShareFile, a popular cloud-based file-sharing and collaboration solution, has begun.
July 28, 2023

Zimbra Addresses Zero-Day Vulnerability Exploited in XSS Attacks
Zimbra has rolled out security patches to address a zero-day vulnerability that was being exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers.
July 27, 2023

US Government Contractor Maximus Suffers Massive Data Breach Affecting Millions
Maximus, a US government services contractor, has revealed a significant data breach, indicating that personal data of 8 to 11 million people was stolen during the recent MOVEit Transfer data-theft attacks.
July 27, 2023

Two Privilege Escalation Vulnerabilities Discovered in Linux Ubuntu, Impacting 40% of Users
Wiz Research has detected two significant privilege escalation vulnerabilities, labelled as CVE-2023-2640 and CVE-2023-32629, in the OverlayFS module of the Linux distribution Ubuntu.
July 27, 2023

SEC Implements New Rule for Cybersecurity Incident Disclosure
On July 26, the SEC implemented a new regulation that obliges companies to reveal any substantial cybersecurity incidents they encounter.
July 26, 2023

Critical Vulnerabilities in Microsoft Message Queuing Allow for Remote Attacks
Cybersecurity company Fortinet has revealed information about three critical and high-severity vulnerabilities in the Microsoft Message Queuing (MSMQ) service.
July 26, 2023

Vulnerabilities In The News

| CVE | Summary | Severity | Vendor | Risk Context |
|---|---|---|---|---|
| CVE-2023-34362 (4) | In Progress MOVEit Transfer before 2021.0.6, 2021.1.4, 2022.0.4, 2022.1.5, and 2023.0.1, a SQL injection vulnerability h... | CRITICAL | Progress | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
| CVE-2023-30799 (6) | MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. | HIGH | MikroTik | Actively Exploited, Remote Code Execution |
| CVE-2023-38606 (6) | This issue was addressed with improved state management. | N/A | Apple | CISA Known Exploited |
| CVE-2023-37450 (6) | The issue was addressed with improved checks. | N/A | Apple | CISA Known Exploited, Actively Exploited, Remote Code Execution |
| CVE-2023-20593 (6) | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensi... | N/A | | Actively Exploited, Remote Code Execution |

CISA Known Exploited Vulnerabilities
CISA added three vulnerabilities to the known exploited vulnerabilities list.
Zimbra — Collaboration (ZCS)
CVE-2023-37580 / Added: July 27, 2023
CVSS Not Assigned
Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability impacting the confidentiality and integrity of data.
Apple — Multiple Products
CVE-2023-38606 / Added: July 26, 2023
CVSS Not Assigned, EPSS Score 0.12, EPSS Percentile 45.84
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive kernel state.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-34362
CRITICAL, CVSS 9.80, EPSS Score 94.05, EPSS Percentile 98.79
CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: June 2, 2023
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
Vendor Impacted: Progress
Products Impacted: MOVEit Cloud, MOVEit Transfer
CVE-2023-30799
HIGH, CVSS 7.20, EPSS Score 0.06, EPSS Percentile 20.79
Actively Exploited, Remote Code Execution
Published: July 19, 2023
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.
Vendor Impacted: MikroTik
Product Impacted: RouterOS
CVE-2023-38606
CVSS Not Assigned, EPSS Score 0.12, EPSS Percentile 45.84
CISA Known Exploited
Published: July 27, 2023
This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.
Vendor Impacted: Apple
Product Impacted: Multiple Products
CVE-2023-37450
CVSS Not Assigned, EPSS Score 0.14, EPSS Percentile 48.57
CISA Known Exploited, Actively Exploited, Remote Code Execution
Published: July 27, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Vendor Impacted: Apple
Product Impacted: Multiple Products
CVE-2023-20593
CVSS Not Assigned, EPSS Score 0.05, EPSS Percentile 14.08
Actively Exploited, Remote Code Execution
Published: July 24, 2023
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.