CISA Adds Patched Ivanti Bug to KEV Catalog

September 25, 2024 at 02:13PM CISA has added CVE-2024-7593, a critical Ivanti vulnerability, to its Known Exploited Vulnerabilities Catalog. The flaw, caused by an incorrect implementation of an authentication algorithm in older Ivanti vTM versions, allows remote unauthenticated attackers to bypass authentication on the admin panel and create administrator accounts. Patched in vTM versions 22.2R1, 22.3R3, 22.5R2, 22.6R2, and …

Critical Ivanti vTM auth bypass bug now exploited in attacks

September 24, 2024 at 01:06PM CISA has flagged a critical Ivanti vulnerability (CVE-2024-7593) that lets threat actors create unauthorized admin users on vulnerable Ivanti vTM appliances. The flaw bypasses authentication on internet-exposed vTM admin panels. Ivanti has released security updates and recommends restricting access to the vTM management interface. CISA requires …

GitLab Warns of Max Severity Authentication Bypass Bug

September 19, 2024 at 05:16PM Organizations running self-hosted GitLab instances with SAML-based authentication are advised to update urgently to the latest versions because of a maximum-severity bug (CVE-2024-45409) that allows attackers to bypass authentication checks and gain unauthorized access. GitLab has already patched the instances it manages but urges self-managed installations to update immediately to mitigate the vulnerability. …

CISA Warns of Exploited Vulnerabilities Impacting Dahua Products

August 22, 2024 at 08:45AM CISA warned about two critical authentication bypass vulnerabilities in Dahua products, affecting IP cameras, monitors, intercoms, and DVRs. Tracked as CVE-2021-33044 and CVE-2021-33045, both carry a CVSS score of 9.8, and exploiting them could allow unauthorized access to the devices. CISA urges federal civilian agencies to address them promptly under BOD 22-01. From the …

GitHub Enterprise Server vulnerable to critical auth bypass flaw

August 21, 2024 at 10:22AM A critical vulnerability, CVE-2024-6800, in GitHub Enterprise Server allows an attacker to gain site administrator privileges by exploiting a flaw in SAML authentication. Over 36,500 GHES instances are reachable from the internet, most of them in the US. GitHub has released fixed versions and warns of potential errors and issues during the update process. Based …

Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access

August 14, 2024 at 02:03AM Ivanti has released security updates for a critical flaw in Virtual Traffic Manager (vTM) that could allow an authentication bypass and the creation of rogue administrative users. The vulnerability, tracked as CVE-2024-7593, has a CVSS score of 9.8. Ivanti has also addressed other vulnerabilities in Neurons for ITSM and Ivanti …

Ivanti warns of critical vTM auth bypass with public exploit

August 13, 2024 at 11:31AM Ivanti has urged customers to patch a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances. The flaw, tracked as CVE-2024-7593, allows remote unauthenticated attackers to create rogue administrator accounts, and a proof-of-concept exploit is publicly available. Ivanti advises restricting access to the vTM management interface and upgrading to the latest patched versions. Key …

Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs

July 30, 2024 at 04:12PM Ransomware groups are exploiting an authentication bypass bug (CVE-2024-37085) in VMware ESXi that gives them full administrative access to hypervisors and enables rapid mass encryption of virtual machines. Broadcom has issued a fix. Domain-joined ESXi hypervisors grant full administrative access, by default, to any member of an Active Directory domain group named “ESX Admins”, whether or not that group existed before the host was joined. Hackers find hypervisors alluring due to their complexity and …
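Because the ESXi weakness is keyed purely on a group name, the cheapest detection for the item above is on the Active Directory side: watch the domain controllers' Security log for a group called “ESX Admins” being created, renamed into existence, or gaining members. The following hunt is an added example, not code from the article, Broadcom or Microsoft. The Windows event IDs are the standard security-group audit events (4727/4731/4754 group created, 4737/4735/4755 group changed, 4728/4732/4756 member added); the event records and account names are constructed for the example.

```python
"""Hunt Windows Security audit events for an AD group named "ESX Admins".

Constructed example for the ESXi / CVE-2024-37085 item above; it is not code
from the article, Broadcom or Microsoft.  The Windows event IDs below are the
standard directory-service group audit events; the sample events are made up.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Group lifecycle events for security-enabled local, global and universal groups.
GROUP_CREATED = {4731, 4727, 4754}   # "A security-enabled ... group was created"
GROUP_CHANGED = {4735, 4737, 4755}   # "A security-enabled ... group was changed" (renames)
MEMBER_ADDED = {4732, 4728, 4756}    # "A member was added to a security-enabled ... group"

# Name ESXi treats as its admin group by default.  Compared after whitespace
# and case normalisation so that "esx  admins" style variants are not missed
# (a defensive choice in this detector, not a statement about how ESXi matches).
TARGET_GROUP = "esx admins"


@dataclass(frozen=True)
class Finding:
    event_id: int
    action: str            # "created", "changed" or "member_added"
    group: str             # group name exactly as the event recorded it
    actor: str             # SubjectUserName: the account that performed the action
    member: Optional[str]  # MemberName for member_added, else None


def normalize(name: str) -> str:
    """Collapse internal whitespace, strip, lower-case."""
    return re.sub(r"\s+", " ", name).strip().lower()


def classify(event_id: int) -> Optional[str]:
    """Map an event ID to the group action it records, or None if not a group event."""
    if event_id in GROUP_CREATED:
        return "created"
    if event_id in GROUP_CHANGED:
        return "changed"
    if event_id in MEMBER_ADDED:
        return "member_added"
    return None


def hunt(events: Iterable[dict]) -> List[Finding]:
    """Return every group event whose TargetUserName is the ESX Admins group.

    Each event is a dict of the EventData fields of a Security log record
    (EventID, TargetUserName, SubjectUserName, MemberName).  For a rename the
    detector assumes TargetUserName carries the name after the change; confirm
    that against your own domain controllers' events before relying on it.
    """
    findings: List[Finding] = []
    for ev in events:
        event_id = int(ev["EventID"])
        action = classify(event_id)
        if action is None:
            continue
        group = ev.get("TargetUserName", "")
        if normalize(group) != TARGET_GROUP:
            continue
        findings.append(Finding(
            event_id=event_id,
            action=action,
            group=group,
            actor=ev.get("SubjectUserName", "?"),
            member=ev.get("MemberName") if action == "member_added" else None,
        ))
    return findings


# Constructed sample: three events that should fire, two that should not.
SAMPLE_EVENTS = [
    {"EventID": 4727, "TargetUserName": "Helpdesk", "SubjectUserName": "itadmin"},
    {"EventID": 4727, "TargetUserName": "ESX Admins", "SubjectUserName": "svc_backup"},
    {"EventID": 4728, "TargetUserName": "ESX  Admins", "SubjectUserName": "svc_backup",
     "MemberName": "CN=svc_backup,CN=Users,DC=corp,DC=example"},
    {"EventID": 4737, "TargetUserName": "esx admins", "SubjectUserName": "jdoe"},
    {"EventID": 4728, "TargetUserName": "Domain Admins", "SubjectUserName": "itadmin",
     "MemberName": "CN=newadmin,CN=Users,DC=corp,DC=example"},
]

if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS):
        print(f"{f.event_id} {f.action:12} group={f.group!r} by={f.actor} member={f.member}")
```

Feed it the EventData fields exported from your domain controllers (a SIEM query or a `Get-WinEvent` export of the Security log both give you these four fields). The group-changed events matter as much as the creation ones: an attacker who cannot create a group can rename an existing one to “ESX Admins”, and only the change event shows that.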

Netgear warns users to patch auth bypass, XSS router flaws

July 12, 2024 at 11:57AM Netgear has issued an urgent firmware update for multiple WiFi 6 router models to address stored XSS and authentication bypass vulnerabilities. Successful exploitation can lead to session hijacking, information theft, and unauthorized access. Users are strongly advised to update their router firmware immediately through Netgear Support to mitigate …

Netgear warns users to patch auth bypass, XSS router flaws

July 12, 2024 at 11:35AM Netgear urges customers to update their WiFi 6 routers to address two security vulnerabilities: a stored cross-site scripting flaw affecting XR1000 Nighthawk gaming routers and an authentication bypass bug impacting CAX30 Nighthawk AX6 6-Stream cable modem routers. Netgear provides steps for firmware updates and warns users of potential consequences …