Snapshot
May 4, 2024 - May 10, 2024
CISA Known Exploited Vulnerabilities |
||||
---|---|---|---|---|
No issues added to the CISA Known Exploited Vulnerability list. | ||||
Newswires |
||||
Millions of IoT Devices Vulnerable Due to Flaws in Telit Cinterion Modems
A series of vulnerabilities in Telit Cinterion modems, commonly used in IoT devices across industries such as finance, telecoms, healthcare, and automotive, have been discovered, putting millions of devices at risk. |
May 10, 2024 |
|||
New 'LLMjacking' Attack Exploits Cloud-Hosted AI Models
A new form of cyber attack, termed 'LLMjacking' by the Sysdig Threat Research Team, has been identified. |
May 10, 2024 |
|||
Poland Accuses Russian Military Hackers of Targeting Its Government Networks
Poland has reported that a state-sponsored threat group connected to Russia's military intelligence service, known as the GRU, has been perpetrating cyberattacks on Polish government institutions throughout the week. |
May 9, 2024 |
|||
F5 Networks' BIG-IP Next Central Manager Faces Multiple Vulnerabilities, Including Full Takeover and Hidden Accounts
F5 Networks' BIG-IP Next Central Manager, a key component in managing F5's suite of software and hardware products for application delivery and security, has been found to have five vulnerabilities that could potentially allow an attacker to gain full control and create hidden accounts within any F5-branded assets. |
May 9, 2024 |
|||
Citrix Urges Admins to Manually Address PuTTY SSH Client Vulnerability
This week, Citrix has notified its customers about a vulnerability in the PuTTY SSH client that could potentially enable attackers to steal the private SSH key of a XenCenter administrator. |
May 9, 2024 |
|||
Mirai Botnet Exploits Ivanti Connect Secure Vulnerabilities
Juniper Threat Labs has reported that unidentified threat actors are exploiting recently exposed vulnerabilities in Ivanti Connect Secure (ICS) to distribute the payload of the Mirai botnet. |
May 9, 2024 |
|||
High-Severity Vulnerabilities in BIG-IP Next Central Manager Patched by F5
F5 has rectified two serious vulnerabilities in its BIG-IP Next Central Manager, which, if exploited, could grant an attacker administrative control and the ability to establish hidden rogue accounts on any assets under management. |
May 8, 2024 |
|||
Cybercriminals Target Outdated LiteSpeed Cache Plugin to Gain Control of WordPress Sites
Hackers have been exploiting a flaw in an outdated version of the LiteSpeed Cache plugin used by WordPress sites to create administrator users and gain control of the sites. |
May 7, 2024 |
|||
China-Linked Cyber Espionage Targets MITRE Network: ROOTROT Webshell Exploited
MITRE Corporation has released additional information about a cyber attack that was first detected in late December 2023. |
May 7, 2024 |
|||
Citrix Resolves High-Risk Flaw in NetScaler Servers Similar to Past CitrixBleed Vulnerability
Citrix has reportedly fixed a high-risk vulnerability in its NetScaler Application Delivery Control (ADC) and Gateway appliances. |
May 7, 2024 |
|||
Critical Vulnerability in Tinyproxy Exposes Over 50,000 Hosts to Risk of Remote Code Execution
A severe unpatched security flaw, identified as CVE-2023-49606, in the HTTP/HTTPS proxy tool Tinyproxy has left more than half of roughly 90,310 hosts exposed to potential security breaches. |
May 6, 2024 |
|||
China-Linked Actors Suspected in ArcaneDoor Cyber Espionage Targeting Network Devices
A recently discovered cyber espionage campaign, dubbed ArcaneDoor, has been linked to potential China-based actors. |
May 6, 2024 |
|||
NATO and EU Condemn APT28's Cyber Espionage Operations
Both NATO and the European Union have issued statements condemning the cyber espionage activities conducted by the APT28 threat actor, which is linked to Russia. |
May 5, 2024 |
|||
Vulnerabilities In The News |
||||
CVE | Summary | Severity | Vendor | Risk Context |
CVE-2023-49606 (7) | A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. | CRITICAL |
Actively Exploited Remote Code Execution Public Exploits Available |
|
CVE-2023-23397 (5) | Microsoft Outlook Elevation of Privilege Vulnerability | CRITICAL | Microsoft |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2023-47610 (3) | A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8,... | CRITICAL | Telit |
Actively Exploited Remote Code Execution |
CVE-2024-21887 (8) | A command injection vulnerability in web components of Ivanti Connect Secure and Ivanti Policy Secure allows an authentica... | CRITICAL | Ivanti |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
CVE-2023-40000 (3) | Improper Neutralization of Input During Web Page Generation vulnerability in LiteSpeed Technologies LiteSpeed Cache allows S... | HIGH |
Actively Exploited Public Exploits Available |
|
CVE-2023-46805 (8) | An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote ... | HIGH | Ivanti |
CISA Known Exploited Remote Code Execution Public Exploits Available |
CVE-2024-3661 (6) | DHCP can add routes to a client’s routing table via the classless static route option . | HIGH |
Actively Exploited Remote Code Execution |
|
CVE-2024-26026 (5) | An SQL injection vulnerability exists in the BIG-IP Next Central Manager API . | HIGH |
Public Exploits Available |
|
CVE-2024-21793 (5) | An OData injection vulnerability exists in the BIG-IP Next Central Manager API . | HIGH |
Public Exploits Available |
CISA Known Exploited Vulnerabilities
CISA added 0 vulnerabilities to the known exploited vulnerabilities list.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-49606 |
CRITICAL CVSS 9.80 EPSS Score 0.09 EPSS Percentile 38.60 |
Actively Exploited Remote Code Execution Public Exploits Available |
Published: May 1, 2024 |
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-23397 |
CRITICAL CVSS 9.80 EPSS Score 92.64 EPSS Percentile 98.99 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: March 14, 2023 |
Microsoft Outlook Elevation of Privilege Vulnerability |
Vendor Impacted: Microsoft |
Products Impacted: Office, Outlook, 365 Apps |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-47610 |
CRITICAL CVSS 9.80 EPSS Score 0.23 EPSS Percentile 61.09 |
Actively Exploited Remote Code Execution |
Published: Nov. 9, 2023 |
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message. |
Vendor Impacted: Telit |
Products Impacted: Bgs5 Firmware, Pds8, Pls62, Pds8 Firmware, Pds5 Firmware, Ehs5 Firmware, Ehs8, Els61, Pds6 Firmware, Pds6, Ehs8 Firmware, Ehs5, Bgs5, Els81 Firmware, Pds5, Ehs6, Pls62 Firmware, Ehs6 Firmware, Els81, Els61 Firmware |
Quotes
|
Headlines |
Back to top ↑ |
CVE-2024-21887 |
CRITICAL CVSS 9.10 EPSS Score 97.33 EPSS Percentile 99.88 |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
Published: Jan. 12, 2024 |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. |
Vendor Impacted: Ivanti |
Products Impacted: Connect Secure And Policy Secure, Policy Secure, Connect Secure |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2023-40000 |
HIGH CVSS 8.30 EPSS Score 0.04 EPSS Percentile 8.45 |
Actively Exploited Public Exploits Available |
Published: April 16, 2024 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7. |
Quotes
|
Headlines |
Back to top ↑ |
CVE-2023-46805 |
HIGH CVSS 8.20 EPSS Score 96.56 EPSS Percentile 99.61 |
CISA Known Exploited Remote Code Execution Public Exploits Available |
Published: Jan. 12, 2024 |
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. |
Vendor Impacted: Ivanti |
Products Impacted: Connect Secure And Policy Secure, Policy Secure, Connect Secure |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2024-3661 |
HIGH CVSS 7.60 EPSS Score 0.05 EPSS Percentile 16.35 |
Actively Exploited Remote Code Execution |
Published: May 6, 2024 |
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2024-26026 |
HIGH CVSS 7.50 EPSS Score 0.04 EPSS Percentile 8.45 |
Public Exploits Available |
Published: May 8, 2024 |
An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2024-21793 |
HIGH CVSS 7.50 EPSS Score 0.04 EPSS Percentile 8.45 |
Public Exploits Available |
Published: May 8, 2024 |
An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
Quotes
|
Headlines
|
Back to top ↑ |
Accelerate Security Teams
Schedule a free consultation with a vulnerability expert to discuss your use cases and to see a demo.