Snapshot
Oct. 7, 2023 - Oct. 13, 2023
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2023-21608 | Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user. | HIGH | Adobe | Oct. 10, 2023 |
CVE-2023-44487 | HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). | HIGH | IETF | Oct. 10, 2023 |
CVE-2023-20109 | Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash. | MEDIUM | Cisco | Oct. 10, 2023 |
CVE-2023-36563 | Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure. | MEDIUM | Microsoft | Oct. 10, 2023 |
CVE-2023-41763 | Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation. | MEDIUM | Microsoft | Oct. 10, 2023 |
Newswires

Active Cyberattacks Exploit Unprotected Citrix NetScaler Gateways
IBM's X-Force team has discovered that cybercriminals are actively exploiting a recent vulnerability, CVE-2023-3519, in the Citrix NetScaler Gateway.
Oct. 13, 2023

Unpatched WS_FTP Servers Now a Target for Ransomware Attacks
Ransomware attacks are now focusing on unpatched WS_FTP servers that are vulnerable to a maximum severity flaw.
Oct. 12, 2023

SEC Probes Progress Software Over MOVEit Ransomware Attack
The U.S. Securities and Exchange Commission (SEC) has opened an investigation into the security vulnerability in Progress Software's MOVEit transfer tool.
Oct. 12, 2023

High-Severity curl Vulnerability Not as Threatening as Initially Feared
The release of curl 8.4.0 has addressed a high-severity security vulnerability (CVE-2023-38546), allaying fears about the flaw's potential impact.
Oct. 12, 2023

Critical cURL Flaw Exposes Enterprise Systems to Potential Attacks
A critical vulnerability in the cURL data transfer project has been identified, posing a significant risk to countless enterprise operating systems, applications, and devices.
Oct. 11, 2023

CISA Identifies Five Newly Exploited Vulnerabilities in Popular Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog to include five additional security flaws.
Oct. 11, 2023

Apple Rolls Out iOS/iPadOS 16.7.1 to Address Zero-Day Vulnerability
While the launch of iOS 17 has been announced, a large number of Apple users are still on iOS 16, mainly because their devices cannot support the new upgrade.
Oct. 11, 2023

Fortinet Addresses Two Critical Vulnerabilities in FortiSIEM and FortiWLM
Fortinet has recently rolled out security patches to address two critical command injection vulnerabilities in its FortiSIEM and FortiWLM products.
Oct. 11, 2023

Microsoft Identifies Nation-State Threat Actor Behind Confluence Zero-Day Attacks
Microsoft has identified a nation-state threat actor, Storm-0062, as the entity behind the zero-day exploits targeting Atlassian’s Confluence Data Center and Server products.
Oct. 10, 2023

Microsoft Rolls Out Enhanced Patch for Critical Exchange Server Vulnerability
Microsoft has issued a more effective patch for a severe Microsoft Exchange Server vulnerability, originally fixed in August, identified as CVE-2023-21709.
Oct. 10, 2023

Microsoft Patches Over 100 Vulnerabilities Including Exploited Zero-Days in WordPad, Skype for Business
On Tuesday, Microsoft's security response team dispatched a substantial number of software and operating system updates to cover more than 100 vulnerabilities across the Windows ecosystem.
Oct. 10, 2023

Patch Tuesday: Critical Code Execution Vulnerabilities Identified in Adobe Commerce, Photoshop
Adobe, the software manufacturer, has released patches for 13 security vulnerabilities as part of its scheduled Patch Tuesday updates.
Oct. 10, 2023

Critical Vulnerability Detected in Citrix NetScaler Devices Could Expose Sensitive Information
A critical vulnerability has been discovered in Citrix's NetScaler ADC and NetScaler Gateway devices, which could lead to the exposure of sensitive data.
Oct. 10, 2023

Mirai Botnet Variant IZ1H9 Expands Exploit Arsenal
The IZ1H9, a variant of the notorious Mirai botnet, has broadened its attack capabilities by incorporating 13 new exploits into its toolkit.
Oct. 10, 2023

Record-Breaking DDoS Attacks Exploit New 'HTTP/2 Rapid Reset' Zero-Day Vulnerability
The newly discovered 'HTTP/2 Rapid Reset' DDoS technique has been exploited as a zero-day since August, setting new records in attack volume.
Oct. 10, 2023

Emerging 'Grayling' APT Group Targets Taiwanese Organizations and Others
An advanced persistent threat (APT) group, named Grayling by Symantec's cybersecurity unit, has been identified as a new threat to organizations in Taiwan, the US, and Vietnam.
Oct. 10, 2023

Industrial Scale Operation Behind Predator Mobile Spyware Revealed
A recent investigation by Amnesty International's Security Labs and the European Investigative Collaboration (EIC) media network has shed light on the extensive commercial operation behind the surge in Predator spyware.
Oct. 9, 2023

Large-Scale Credential Theft Campaign Targets Citrix NetScaler Gateways
Cybercriminals are leveraging a significant flaw, CVE-2023-3519, in Citrix NetScaler Gateways to carry out a large-scale campaign aimed at stealing user credentials.
Oct. 9, 2023

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2023-22515 (9) | Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a pr... | CRITICAL | Atlassian | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-35349 (8) | Microsoft Message Queuing Remote Code Execution Vulnerability | CRITICAL | Microsoft | Remote Code Execution |
CVE-2023-36434 (7) | Windows IIS Server Elevation of Privilege Vulnerability | CRITICAL | Microsoft | Risk Context N/A |
CVE-2023-43641 (8) | libcue provides an API for parsing and extracting data from CUE sheets. | HIGH | | Actively Exploited, Remote Code Execution |
CVE-2023-5217 (7) | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote at... | HIGH | Mozilla, Webmproject, Google | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-44487 (30) | The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly, as exploited in ... | HIGH | IETF | CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available |
CVE-2023-36563 (16) | Microsoft WordPad Information Disclosure Vulnerability | MEDIUM | Microsoft | CISA Known Exploited |
CVE-2023-41763 (15) | Skype for Business Elevation of Privilege Vulnerability | MEDIUM | Microsoft | CISA Known Exploited |

CISA Known Exploited Vulnerabilities
CISA added five vulnerabilities to the known exploited vulnerabilities list.
Adobe — Acrobat and Reader
CVE-2023-21608 / Added: Oct. 10, 2023
HIGH | CVSS 7.80 | EPSS Score 1.51 | EPSS Percentile 85.46
Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2023-22515
CRITICAL | CVSS 9.80 | EPSS Score 93.53 | EPSS Percentile 98.81
Risk Context: CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Oct. 4, 2023
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. For more details, please review the linked advisory on this CVE.
Vendor Impacted: Atlassian
Products Impacted: Confluence Server, Confluence Data Center, Confluence Data Center And Server
CVE-2023-35349
CRITICAL | CVSS 9.80 | EPSS Score 1.07 | EPSS Percentile 82.59
Risk Context: Remote Code Execution
Published: Oct. 10, 2023
Microsoft Message Queuing Remote Code Execution Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows Server 2019, Windows 11 22h2, Windows Server 2012, Windows 10 1507, Windows 10 22h2, Windows 10 1809, Windows 10 21h2, Windows 10 1607, Windows Server 2008, Windows Server 2022, Windows 11 21h2, Windows Server 2016
CVE-2023-36434
CRITICAL | CVSS 9.80 | EPSS Score 0.14 | EPSS Percentile 49.84
Risk Context: N/A
Published: Oct. 10, 2023
Windows IIS Server Elevation of Privilege Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows Server 2019, Windows 11 22h2, Windows Server 2012, Windows 10 1507, Windows 10 22h2, Windows 10 1809, Windows 10 21h2, Windows 10 1607, Windows Server 2008, Windows Server 2022, Windows 11 21h2, Windows Server 2016
CVE-2023-43641
HIGH | CVSS 8.80 | EPSS Score 0.05 | EPSS Percentile 14.62
Risk Context: Actively Exploited, Remote Code Execution
Published: Oct. 9, 2023
libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to `~/Downloads`, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0.
CVE-2023-5217
HIGH | CVSS 8.80 | EPSS Score 11.04 | EPSS Percentile 94.49
Risk Context: CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Sept. 28, 2023
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Vendors Impacted: Mozilla, Webmproject, Google
Products Impacted: Chrome, Firefox ESR, Libvpx, Firefox Focus, Firefox, Chrome Libvpx
CVE-2023-44487
HIGH | CVSS 7.50 | EPSS Score 0.64 | EPSS Percentile 76.72
Risk Context: CISA Known Exploited, Actively Exploited, Remote Code Execution, Public Exploits Available
Published: Oct. 10, 2023
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Vendor Impacted: IETF
Products Impacted: HTTP, HTTP/2
CVE-2023-36563
MEDIUM | CVSS 6.50 | EPSS Score 0.63 | EPSS Percentile 76.65
Risk Context: CISA Known Exploited
Published: Oct. 10, 2023
Microsoft WordPad Information Disclosure Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Windows Server 2019, Windows 11 22h2, Windows Server 2012, Windows 10 1507, Windows 10 22h2, Windows 10 1809, Windows 10 21h2, Windows 10 1607, Windows Server 2008, Windows Server 2022, Windows 11 21h2, Windows Server 2016, Wordpad
CVE-2023-41763
MEDIUM | CVSS 5.30 | EPSS Score 0.98 | EPSS Percentile 81.71
Risk Context: CISA Known Exploited
Published: Oct. 10, 2023
Skype for Business Elevation of Privilege Vulnerability
Vendor Impacted: Microsoft
Products Impacted: Skype For Business Server, Skype For Business