Snapshot
Nov. 23, 2024 - Nov. 29, 2024
CISA Known Exploited Vulnerabilities

| CVE | Summary | Severity | Vendor | Date Added |
|---|---|---|---|---|
| CVE-2023-28461 | Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway. | CRITICAL | Array Networks | Nov. 25, 2024 |

Newswires

Zyxel Firewalls Exploited in Recent Ransomware Attacks
Zyxel, a network hardware manufacturer, has alerted users about a ransomware gang that has been exploiting a recently patched command injection vulnerability in its firewalls.
Nov. 25, 2024

Hackers Exploit Avast Anti-Rootkit Driver to Disable Security Defenses
A malicious campaign has been detected that exploits a legitimate but outdated Avast Anti-Rootkit driver to bypass detection and take control of the targeted system by disabling security components.
Nov. 23, 2024

Vulnerabilities In The News

| CVE | Summary | Severity | Vendor | Risk Context |
|---|---|---|---|---|
| CVE-2024-0012 (2) | An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the... | CRITICAL | Palo Alto Networks, Paloaltonetworks | CISA Known Exploited, Actively Exploited, Public Exploits Available |
| CVE-2024-0204 (1) | Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the a... | CRITICAL | Fortra | Actively Exploited, Remote Code Execution, Public Exploits Available |
| CVE-2024-44308 (2) | The issue was addressed with improved checks. | HIGH | Apple | CISA Known Exploited |
| CVE-2024-23222 (1) | A type confusion issue was addressed with improved checks. | HIGH | Apple | CISA Known Exploited, Actively Exploited, Public Exploits Available |
| CVE-2024-23225 (1) | A memory corruption issue was addressed with improved validation. | HIGH | Apple | CISA Known Exploited |
| CVE-2024-21338 (1) | Windows Kernel Elevation of Privilege Vulnerability | HIGH | Microsoft | CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available |
| CVE-2024-9474 (3) | A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the m... | HIGH | Palo Alto Networks, Paloaltonetworks | CISA Known Exploited, Actively Exploited, Public Exploits Available |
| CVE-2024-44309 (2) | A cookie management issue was addressed with improved state management. | MEDIUM | Apple | CISA Known Exploited |
| CVE-2024-48861 (2) | An OS command injection vulnerability has been reported to affect several product versions. | N/A | | N/A |
| CVE-2024-48860 (2) | An OS command injection vulnerability has been reported to affect several product versions. | N/A | | N/A |

CISA Known Exploited Vulnerabilities
CISA added one vulnerability to the known exploited vulnerabilities list.
Array Networks — AG/vxAG ArrayOS
CVE-2023-28461 / Added: Nov. 25, 2024
CRITICAL | CVSS 9.80 | EPSS Score 0.32 | EPSS Percentile 71.37
Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2024-0012
CRITICAL | CVSS 9.80 | EPSS Score 96.61 | EPSS Percentile 99.68
CISA Known Exploited, Actively Exploited, Public Exploits Available
Published: Nov. 18, 2024
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 (https://security.paloaltonetworks.com/CVE-2024-9474). The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Vendors Impacted: Palo Alto Networks, Paloaltonetworks
Product Impacted: PAN-OS
CVE-2024-0204
CRITICAL | CVSS 9.80 | EPSS Score 54.72 | EPSS Percentile 97.75
Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Jan. 22, 2024
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Vendor Impacted: Fortra
Product Impacted: GoAnywhere Managed File Transfer
CVE-2024-44308
HIGH | CVSS 8.80 | EPSS Score 0.18 | EPSS Percentile 56.71
CISA Known Exploited
Published: Nov. 20, 2024
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
Vendor Impacted: Apple
Product Impacted: Multiple Products
CVE-2024-23222
HIGH | CVSS 8.80 | EPSS Score 0.11 | EPSS Percentile 45.77
CISA Known Exploited, Actively Exploited, Public Exploits Available
Published: Jan. 23, 2024
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
Vendor Impacted: Apple
Products Impacted: macOS, Safari, iPadOS, Multiple Products, tvOS, iPhone OS
CVE-2024-23225
HIGH | CVSS 7.80 | EPSS Score 0.21 | EPSS Percentile 59.37
CISA Known Exploited
Published: March 5, 2024
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
Vendor Impacted: Apple
Products Impacted: Multiple Products, iPad OS, iPhone OS
CVE-2024-21338
HIGH | CVSS 7.80 | EPSS Score 0.07 | EPSS Percentile 32.22
CISA Known Exploited, Actively Exploited, Remote Code Execution, Used In Ransomware, Public Exploits Available
Published: Feb. 13, 2024
Windows Kernel Elevation of Privilege Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows 11 23H2, Windows Server 2022, Windows 10 21H2, Windows Server 2019, Windows 10 1809, Windows 11 22H2, Windows 11 21H2, Windows Server 2022 23H2, Windows 10 22H2, Windows
CVE-2024-9474
HIGH | CVSS 7.20 | EPSS Score 97.40 | EPSS Percentile 99.94
CISA Known Exploited, Actively Exploited, Public Exploits Available
Published: Nov. 18, 2024
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Vendors Impacted: Palo Alto Networks, Paloaltonetworks
Product Impacted: PAN-OS
CVE-2024-44309
MEDIUM | CVSS 6.30 | EPSS Score 0.18 | EPSS Percentile 56.71
CISA Known Exploited
Published: Nov. 20, 2024
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
Vendor Impacted: Apple
Product Impacted: Multiple Products
CVE-2024-48861
CVSS Not Assigned | EPSS Score 0.04 | EPSS Percentile 10.36
Risk Context N/A
Published: Nov. 22, 2024
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later.
CVE-2024-48860
CVSS Not Assigned | EPSS Score 0.04 | EPSS Percentile 10.36
Risk Context N/A
Published: Nov. 22, 2024
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.3.103 and later.