Snapshot
May 13, 2023 - May 19, 2023
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2016-6415 | Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests, resulting in an information disclosure vulnerability. Successful exploitation could allow an attacker to retrieve memory contents, which can lead to information disclosure. | HIGH | Cisco | May 19, 2023 |
CVE-2004-1464 | Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device. | MEDIUM | Cisco | May 19, 2023 |
CVE-2023-21492 | Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass. | MEDIUM | Samsung | May 19, 2023 |

Newswires

KeePass Password Manager Faces Second Vulnerability in Recent Months
A security researcher has identified a vulnerability in the popular KeePass open source password manager for the second time in recent months.
May 18, 2023

Apple Patches Three Actively Exploited Zero-Day Vulnerabilities
Apple has recently fixed three zero-day vulnerabilities that were being actively exploited to hack into iPhones, Macs, and iPads.
May 18, 2023

Cisco Issues Warning for Critical Switch Vulnerabilities with Public Exploit Code
Cisco has issued a warning to customers regarding four critical remote code execution vulnerabilities that have public exploit code, impacting multiple Small Business Series Switches.
May 17, 2023

BianLian Ransomware Group Targets Critical Infrastructure Organizations
The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) have issued a joint warning to critical infrastructure organizations about the BianLian ransomware group's attacks.
May 17, 2023

Unpatched Wemo Smart Plug Bug Leaves Numerous Networks Vulnerable to Cyberattacks
The Wemo Mini Smart Plug V2, a device that enables users to remotely control appliances connected to it through a mobile app, has a security vulnerability (CVE-2023-27217) that makes numerous networks susceptible to cyberattacks.
May 16, 2023

Ransomware Targets VMware ESXi Hypervisor: The Emergence of 'MichaelKors'
VMware's ESXi hypervisor's extensive use and its lack of support for third-party malware detection capabilities have made it an attractive target for ransomware operators.
May 16, 2023

Meme-Themed Cyberattacks Target Hospitality Sector Using Follina Bug
The Follina remote code execution (RCE) vulnerability is being exploited in a new cyberattack campaign targeting the hospitality industry.
May 15, 2023

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2023-23529 (4) | A type confusion issue was addressed with improved checks. | HIGH | Apple | CISA Known Exploited, Actively Exploited, Remote Code Execution |
CVE-2023-20189 (7) | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unaut... | HIGH | | Risk Context N/A |
CVE-2023-20161 (7) | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unaut... | HIGH | | Risk Context N/A |
CVE-2023-20160 (7) | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unaut... | HIGH | | Risk Context N/A |
CVE-2023-20159 (7) | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unaut... | HIGH | | Risk Context N/A |
CVE-2023-30777 (4) | Unauth. | MEDIUM | Advancedcustomfields | Actively Exploited, Remote Code Execution |
CVE-2023-32784 (6) | In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace... | N/A | | Actively Exploited, Remote Code Execution, Public Exploits Available |

CISA Known Exploited Vulnerabilities
CISA added three vulnerabilities to the known exploited vulnerabilities list.

Cisco — IOS, IOS XR, and IOS XE
CVE-2016-6415 / Added: May 19, 2023
HIGH CVSS 7.50
Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests, resulting in an information disclosure vulnerability. Successful exploitation could allow an attacker to retrieve memory contents, which can lead to information disclosure.

Cisco — IOS
CVE-2004-1464 / Added: May 19, 2023
MEDIUM CVSS 5.00
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.

Samsung — Mobile Devices
CVE-2023-21492 / Added: May 19, 2023
MEDIUM CVSS 4.40
Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.

In The News
Vulnerabilities receiving the most attention in traditional news media.

CVE-2023-23529
HIGH CVSS 8.80
CISA Known Exploited, Actively Exploited, Remote Code Execution
Published: Feb. 27, 2023
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Vendor Impacted: Apple
Products Impacted: Multiple Products, iPhone OS, Safari, iPadOS, macOS

CVE-2023-20189
HIGH CVSS 8.60
Risk Context N/A
Published: May 18, 2023
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2023-20161
HIGH CVSS 8.60
Risk Context N/A
Published: May 18, 2023
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2023-20160
HIGH CVSS 8.60
Risk Context N/A
Published: May 18, 2023
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2023-20159
HIGH CVSS 8.60
Risk Context N/A
Published: May 18, 2023
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2023-30777
MEDIUM CVSS 6.10
Actively Exploited, Remote Code Execution
Published: May 10, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins <= 6.1.5 versions.
Vendor Impacted: Advancedcustomfields
Product Impacted: Advanced Custom Fields

CVE-2023-32784
CVSS Not Assigned
Actively Exploited, Remote Code Execution, Public Exploits Available
Published: May 15, 2023
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.