Snapshot
June 10, 2023 - June 16, 2023
CISA Known Exploited Vulnerabilities
CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2023-27997 | Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests. | CRITICAL | Fortinet | June 13, 2023 |
Newswires

Shell Falls Victim to Clop Ransomware Attack Exploiting MOVEit Zero-Day Vulnerability
Oil and gas giant Shell has become a victim of the Clop ransomware attack, which exploits a zero-day vulnerability in the MOVEit software.
June 16, 2023

Millions of State IDs Stolen in Oregon and Louisiana Due to MOVEit Breach
Millions of driver's licenses in Louisiana and Oregon were exposed in a data breach after the Clop ransomware gang hacked their MOVEit Transfer secure file transfer systems.
June 16, 2023

Progress Addresses Third Flaw in MOVEit Transfer Software
Progress Software recently revealed a new SQL injection vulnerability affecting its MOVEit Transfer application.
June 16, 2023

US Government Agencies Targeted in Clop Ransomware Attacks Exploiting MOVEit Vulnerability
The US Department of Energy and other federal agencies have fallen victim to a series of cyberattacks by the Russian ransomware gang Clop, which exploited the MOVEit file-transfer vulnerability.
June 15, 2023

Chinese UNC4841 Group Targets Barracuda Email Security Gateway Zero-Day Vulnerability
A China-nexus threat actor called UNC4841 has been exploiting a recently patched zero-day vulnerability in Barracuda Email Security Gateway (ESG) appliances since October 2022.
June 15, 2023

Critical Security Flaw Found in WooCommerce Stripe Gateway Plugin
A critical security vulnerability has been discovered in the WooCommerce Stripe Gateway WordPress plugin, potentially leading to unauthorized disclosure of sensitive data.
June 14, 2023

Microsoft's June 2023 Patch Tuesday Addresses 78 Vulnerabilities, Including 38 RCE Bugs
Microsoft has released its June 2023 Patch Tuesday update, which addresses 78 security flaws, including 38 remote code execution (RCE) vulnerabilities.
June 13, 2023

Chinese Hackers Exploit VMware ESXi Zero-Day to Compromise VMs
VMware has patched a zero-day vulnerability (CVE-2023-20867) in its ESXi product after it was exploited by Chinese-sponsored hacking group UNC3886 to backdoor Windows and Linux virtual machines and steal data.
June 13, 2023

UK Regulator Ofcom Hit by Clop Ransomware via MOVEit File Transfer Zero-Day
Ofcom, the UK's communications regulator, has disclosed a data breach after being targeted by a Clop ransomware attack.
June 13, 2023

Fortinet Warns of Potential Exploitation of New FortiOS RCE Vulnerability
Fortinet has reported that a critical FortiOS SSL VPN vulnerability, which was patched last week, might have been exploited in attacks targeting government, manufacturing, and critical infrastructure organizations.
June 12, 2023

Exploit for MOVEit RCE Bug Released, Used in Data Theft Attacks
Horizon3 security researchers have recently made public proof-of-concept (PoC) exploit code for a remote code execution (RCE) vulnerability in the MOVEit Transfer managed file transfer (MFT) solution.
June 12, 2023

Fortinet Addresses Critical RCE Vulnerability in Fortigate SSL-VPN Devices
Fortinet has released firmware updates for its Fortigate devices, addressing a critical pre-authentication remote code execution (RCE) vulnerability in SSL VPN devices.
June 11, 2023
Vulnerabilities In The News
CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2023-34362 (23) | In Progress MOVEit Transfer before 2021.0.6, 2021.1.4, 2022.0.4, 2022.1.5, and 2023.0.1, a SQL injection vulnerability h... | CRITICAL | Progress | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
CVE-2023-27997 (17) | A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.... | CRITICAL | Fortinet | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-32015 (11) | Windows Pragmatic General Multicast Remote Code Execution Vulnerability | CRITICAL | | Remote Code Execution |
CVE-2023-32014 (11) | Windows Pragmatic General Multicast Remote Code Execution Vulnerability | CRITICAL | | Remote Code Execution |
CVE-2023-29363 (10) | Windows Pragmatic General Multicast Remote Code Execution Vulnerability | CRITICAL | | Remote Code Execution |
CVE-2023-29357 (10) | Microsoft SharePoint Server Elevation of Privilege Vulnerability | CRITICAL | | N/A |
CVE-2023-2868 (10) | A remote command injection vulnerability exists in the Barracuda Email Security Gateway product affecting versions 5.1.3.001... | CRITICAL | Barracuda, Barracuda Networks | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
CVE-2023-3079 (7) | Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruptio... | HIGH | Debian, Google | CISA Known Exploited, Actively Exploited, Remote Code Execution |
CVE-2023-20867 (8) | A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confiden... | LOW | | Actively Exploited, Remote Code Execution |
CVE-2023-35036 (10) | In Progress MOVEit Transfer before 2021.0.7, 2021.1.5, 2022.0.5, 2022.1.6, and 2023.0.2, SQL injection vulnerabilities h... | N/A | | N/A |
CISA Known Exploited Vulnerabilities
CISA added one vulnerability to the known exploited vulnerabilities list.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-34362
CRITICAL, CVSS 9.80, EPSS Score 81.12, EPSS Percentile 97.85
CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: June 2, 2023
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
Vendor Impacted: Progress
Products Impacted: MOVEit Transfer, MOVEit Cloud
CVE-2023-27997
CRITICAL, CVSS 9.80, EPSS Score 1.27, EPSS Percentile 83.74
CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: June 13, 2023
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
Vendor Impacted: Fortinet
Product Impacted: FortiOS and FortiProxy SSL-VPN
CVE-2023-32015
CRITICAL, CVSS 9.80, EPSS Score 0.24, EPSS Percentile 60.54
Remote Code Execution
Published: June 14, 2023
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-32014
CRITICAL, CVSS 9.80, EPSS Score 0.24, EPSS Percentile 60.54
Remote Code Execution
Published: June 14, 2023
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-29363
CRITICAL, CVSS 9.80, EPSS Score 0.24, EPSS Percentile 60.54
Remote Code Execution
Published: June 14, 2023
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-29357
CRITICAL, CVSS 9.80, EPSS Score 0.09, EPSS Percentile 37.86
Risk Context N/A
Published: June 14, 2023
Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-2868
CRITICAL, CVSS 9.80, EPSS Score 1.64, EPSS Percentile 85.70
CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: May 24, 2023
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product affecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar files (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
Vendors Impacted: Barracuda, Barracuda Networks
Products Impacted: Email Security Gateway (ESG) Appliance, Email Security Gateway 900, Email Security Gateway 400 Firmware, Email Security Gateway 600, Email Security Gateway 400, Email Security Gateway 300, Email Security Gateway 800, Email Security Gateway 800 Firmware, Email Security Gateway 600 Firmware, Email Security Gateway 900 Firmware, Email Security Gateway 300 Firmware
CVE-2023-3079
HIGH, CVSS 8.80, EPSS Score 0.18, EPSS Percentile 53.83
CISA Known Exploited, Actively Exploited, Remote Code Execution
Published: June 5, 2023
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Vendors Impacted: Debian, Google
Products Impacted: Debian Linux, Chromium V8 Engine
CVE-2023-20867
LOW, CVSS 3.90, EPSS Score 0.04, EPSS Percentile 7.00
Actively Exploited, Remote Code Execution
Published: June 13, 2023
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
CVE-2023-35036
CVSS Not Assigned, EPSS Score 0.04, EPSS Percentile 8.37
Risk Context N/A
Published: June 12, 2023
In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2), SQL injection vulnerabilities have been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.