Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

May 29, 2024 at 02:10PM A critical vulnerability in Fortinet’s FortiSIEM product, CVE-2024-23108, poses a significant risk for potential exploitation. Dubbed “NodeZero” by researchers at Horizon3.ai, the exploit enables unauthorized remote code execution on vulnerable appliances. Users of affected versions should patch immediately to mitigate the risk and prevent compromise.

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw

May 21, 2024 at 07:21AM CISA added a flaw in NextGen Healthcare’s Mirth Connect product, a widely used healthcare interface engine, to its KEV catalog. Tracked as CVE-2023-43208, the flaw can lead to unauthenticated remote code execution. A patch was released with Mirth Connect version 4.4.1. Microsoft reported ransomware attacks exploiting this and another flaw.

Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks

March 26, 2024 at 06:42AM The US cybersecurity agency, CISA, warns about the exploitation of CVE-2023-48788, a critical SQL injection bug affecting Fortinet’s FortiClient EMS. Patches have been released, and the vulnerability has been added to CISA’s Known Exploited Vulnerabilities catalog. Concerns also extend to another vulnerability, CVE-2021-44529, affecting Ivanti Endpoint Manager.

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data

October 26, 2023 at 02:57PM Open source data integration platform Mirth Connect has a remote code execution vulnerability, according to cybersecurity firm Horizon3.ai. The vulnerability, tracked as CVE-2023-43208, bypasses a critical-severity flaw disclosed earlier and affects all Mirth Connect installations. A patch has been released, but the cybersecurity firm warns that the vulnerability is easily …

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

October 25, 2023 at 02:36AM Virtualization services provider VMware has alerted customers to a proof-of-concept exploit for a recently patched security flaw in Aria Operations for Logs. The vulnerability, tracked as CVE-2023-34051, allows for authentication bypass and remote code execution. A PoC for the vulnerability has been made available, prompting VMware to revise its advisory.