Snapshot
June 24, 2023 - June 30, 2023
CISA Known Exploited Vulnerabilities

| CVE | Summary | Severity | Vendor | Date Added |
|---|---|---|---|---|
| CVE-2019-17621 | D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network. | CRITICAL | D-Link | June 29, 2023 |
| CVE-2019-20500 | D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter. | HIGH | D-Link | June 29, 2023 |
| CVE-2021-25487 | Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer. | HIGH | Samsung | June 29, 2023 |
| CVE-2021-25371 | Samsung mobile devices contain an unspecified vulnerability within the DSP driver that allows attackers to load ELF libraries inside the DSP. | MEDIUM | Samsung | June 29, 2023 |
| CVE-2021-25372 | Samsung mobile devices contain an improper boundary check vulnerability within the DSP driver that allows for out-of-bounds memory access. | MEDIUM | Samsung | June 29, 2023 |
| CVE-2021-25395 | Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free, allowing a write once radio privilege has been compromised. | MEDIUM | Samsung | June 29, 2023 |
| CVE-2021-25394 | Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free, allowing a write once radio privilege has been compromised. | MEDIUM | Samsung | June 29, 2023 |
| CVE-2021-25489 | Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic. | MEDIUM | Samsung | June 29, 2023 |
Newswires

| Date | Headline | Summary |
|---|---|---|
| June 30, 2023 | Samsung Smartphone Vulnerabilities Likely Exploited by Spyware Vendor Added to CISA 'Must Patch' List | The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog to include six vulnerabilities affecting Samsung smartphones. |
| June 29, 2023 | Critical SAP Vulnerabilities Unveiled, Including Wormable Exploit Chain | A cybersecurity company has brought to light critical vulnerabilities in SAP, including a wormable exploit chain, that could make organizations susceptible to attacks. |
| June 29, 2023 | Critical Vulnerability in miniOrange Social Login WordPress Plugin Exposes User Accounts | A severe security flaw in the Social Login and Register plugin for WordPress, developed by miniOrange, has been revealed. |
| June 28, 2023 | High-Severity Security Flaw in Arcserve UDP Backup Software Addressed | Arcserve, a data protection provider, has patched a high-severity security vulnerability in its Unified Data Protection (UDP) backup software. |
| June 27, 2023 | Schneider Electric and Siemens Energy Fall Prey to Clop Ransomware Attack | The Clop ransomware group has added five new victims to its dark web leak site, including Schneider Electric and Siemens Energy. |
| June 27, 2023 | Fortinet's FortiNAC Vulnerability Could Lead to Arbitrary Code Execution Attacks | Fortinet has issued updates to rectify a significant security vulnerability in its FortiNAC network access control solution, which could result in the execution of arbitrary code. |
| June 26, 2023 | Chinese APT 'Volt Typhoon' Exploits Zoho ManageEngine Vulnerability | The Chinese state-sponsored APT group 'Volt Typhoon', also known as 'Vanguard Panda', has been found exploiting a critical vulnerability in Zoho's ManageEngine ADSelfService Plus. |
| June 26, 2023 | Massive Data Breach at NYC Department of Education: 45,000 Students' Data Stolen | The NYC DOE has reported a substantial data breach that has affected its MOVEit Transfer server, leading to the theft of sensitive personal information of approximately 45,000 students. |
| June 26, 2023 | China-Linked APT Group VANGUARD PANDA Employs New Techniques in Recent Cyber Attacks | CrowdStrike researchers have noticed a new approach employed by the China-linked APT group VANGUARD PANDA, or Volt Typhoon, to infiltrate target networks. |
| June 26, 2023 | Russian Hackers Conducting Widescale Credential-Stealing Attacks, Warns Microsoft | Microsoft has issued a warning regarding a significant increase in credential-stealing attacks being carried out by the Russian state-affiliated hacker group, Midnight Blizzard. |
| June 24, 2023 | Critical Authentication Bypass in Grafana Due to Azure AD Integration | Grafana has issued security patches for several versions of its software to address a critical vulnerability, CVE-2023-3128, which enables attackers to bypass authentication and take control of any Grafana account that uses Azure Active Directory (AD) for authentication. |
Vulnerabilities In The News

| CVE | Summary | Severity | Vendor | Risk Context |
|---|---|---|---|---|
| CVE-2023-34362 (5) | In Progress MOVEit Transfer before 2021.0.6, 2021.1.4, 2022.0.4, 2022.1.5, and 2023.0.1, a SQL injection vulnerability h... | CRITICAL | Progress | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
| CVE-2023-27992 (3) | The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21C0, NAS540 firmwar... | CRITICAL | Zyxel | CISA Known Exploited, Actively Exploited |
| CVE-2023-20887 (3) | Aria Operations for Networks contains a command injection vulnerability. | CRITICAL | VMware | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
| CVE-2023-3128 (3) | Grafana is validating Azure AD accounts based on the email claim. | CRITICAL | | Actively Exploited, Remote Code Execution |
| CVE-2023-32439 (4) | A type confusion issue was addressed with improved checks. | HIGH | Apple | CISA Known Exploited |
| CVE-2023-32435 (4) | A memory corruption issue was addressed with improved state management. | HIGH | Apple | CISA Known Exploited |
| CVE-2023-32434 (5) | An integer overflow was addressed with improved input validation. | HIGH | Apple | CISA Known Exploited, Actively Exploited |
| CVE-2023-2829 (3) | A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Ca... | HIGH | | N/A |
| CVE-2023-2828 (3) | Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the quer... | HIGH | | N/A |
CISA Known Exploited Vulnerabilities
CISA added eight vulnerabilities to the known exploited vulnerabilities list.
D-Link — DIR-859 Router
CVE-2019-17621 / Added: June 29, 2023
CRITICAL | CVSS 9.80 | EPSS Score 97.51 | EPSS Percentile 99.97
D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.

D-Link — DWL-2600AP Access Point
CVE-2019-20500 / Added: June 29, 2023
HIGH | CVSS 7.80 | EPSS Score 0.09 | EPSS Percentile 37.39
D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.

Samsung — Mobile Devices
CVE-2021-25487 / Added: June 29, 2023
HIGH | CVSS 7.80 | EPSS Score 0.06 | EPSS Percentile 24.92
Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.
Samsung — Mobile Devices
CVE-2021-25371 / Added: June 29, 2023
MEDIUM | CVSS 6.70 | EPSS Score 0.06 | EPSS Percentile 24.92
Samsung mobile devices contain an unspecified vulnerability within the DSP driver that allows attackers to load ELF libraries inside the DSP.
Samsung — Mobile Devices
CVE-2021-25372 / Added: June 29, 2023
MEDIUM | CVSS 6.70 | EPSS Score 0.06 | EPSS Percentile 24.92
Samsung mobile devices contain an improper boundary check vulnerability within the DSP driver that allows for out-of-bounds memory access.
Samsung — Mobile Devices
CVE-2021-25395 / Added: June 29, 2023
MEDIUM | CVSS 6.40 | EPSS Score 0.06 | EPSS Percentile 23.48
Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free, allowing a write once radio privilege has been compromised.
Samsung — Mobile Devices
CVE-2021-25394 / Added: June 29, 2023
MEDIUM | CVSS 6.40 | EPSS Score 0.06 | EPSS Percentile 24.92
Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free, allowing a write once radio privilege has been compromised.
Samsung — Mobile Devices
CVE-2021-25489 / Added: June 29, 2023
MEDIUM | CVSS 5.50 | EPSS Score 0.04 | EPSS Percentile 8.46
Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-34362
CRITICAL | CVSS 9.80 | EPSS Score 79.99 | EPSS Percentile 97.82
Risk Context: CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: June 2, 2023
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
Vendor Impacted: Progress
Products Impacted: MOVEit Transfer, MOVEit Cloud
CVE-2023-27992
CRITICAL | CVSS 9.80 | EPSS Score 0.26 | EPSS Percentile 62.16
Risk Context: CISA Known Exploited, Actively Exploited
Published: June 19, 2023
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands remotely by sending a crafted HTTP request.
Vendor Impacted: Zyxel
Product Impacted: Multiple Network-Attached Storage (NAS) Devices
CVE-2023-20887
CRITICAL | CVSS 9.80 | EPSS Score 82.71 | EPSS Percentile 97.92
Risk Context: CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: June 7, 2023
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
Vendor Impacted: VMware
Products Impacted: Aria Operations for Networks, vRealize Network Insight
CVE-2023-3128
CRITICAL | CVSS 9.40 | EPSS Score 0.04 | EPSS Percentile 7.01
Risk Context: Actively Exploited, Remote Code Execution
Published: June 22, 2023
Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.
CVE-2023-32439
HIGH | CVSS 8.80 | EPSS Score 0.12 | EPSS Percentile 44.23
Risk Context: CISA Known Exploited
Published: June 23, 2023
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, Safari 16.5.1, macOS Ventura 13.4.1, iOS 15.7.7 and iPadOS 15.7.7. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Vendor Impacted: Apple
Products Impacted: iPadOS, Multiple Products, iPhone OS, macOS, Safari
CVE-2023-32435
HIGH | CVSS 8.80 | EPSS Score 0.16 | EPSS Percentile 51.98
Risk Context: CISA Known Exploited
Published: June 23, 2023
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
Vendor Impacted: Apple
Products Impacted: iPadOS, Multiple Products, iPhone OS, macOS, Safari
CVE-2023-32434
HIGH | CVSS 7.80 | EPSS Score 0.16 | EPSS Percentile 51.15
Risk Context: CISA Known Exploited, Actively Exploited
Published: June 23, 2023
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, macOS Ventura 13.4.1, watchOS 9.5.2. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
Vendor Impacted: Apple
Products Impacted: iPadOS, Multiple Products, watchOS, iPhone OS, macOS
CVE-2023-2829
HIGH | CVSS 7.50 | EPSS Score 0.05 | EPSS Percentile 14.02
Risk Context: N/A
Published: June 21, 2023
A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1.
CVE-2023-2828
HIGH | CVSS 7.50 | EPSS Score 0.05 | EPSS Percentile 18.04
Risk Context: N/A
Published: June 21, 2023
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.