CISA Highlights Apache OFBiz Flaw After PoC Open Access

August 29, 2024 at 03:30PM CISA has added a critical security flaw in the Apache OFBiz open source ERP system to its Known Exploited Vulnerabilities catalog. Tracked as CVE-2024-38856, the bug carries a score of 9.8 out of 10 on the CVSS scale, enabling pre-authentication RCE. Organizations must update to version 18.12.15 by Sept. 17 …

PHP fixes critical RCE flaw impacting all versions for Windows

June 7, 2024 at 10:39AM A new PHP RCE vulnerability, CVE-2024-4577, affects Windows builds of PHP since version 5.x. Although a patch has been released, updating large-scale deployments is difficult, leaving many systems exposed. The flaw abuses Windows ‘Best-Fit’ character encoding to bypass earlier protections. Mitigations include upgrading to patched versions, applying mod_rewrite rules, or migrating from CGI to FastCGI, PHP-FPM, or …

Critical Fluent Bit bug affects all major cloud providers, say researchers

May 21, 2024 at 01:54PM Infosec researchers have flagged a critical vulnerability (CVE-2024-4323) in Fluent Bit, a widely used logging component. Tenable discovered the flaw, which could lead to denial of service, information leakage, and remote code execution. The issue affects versions 2.0.7 through 3.0.3 and may compromise the security of major cloud providers and blue …

New Ivanti RCE flaw may impact 16,000 exposed VPN gateways

April 5, 2024 at 01:47PM Approximately 16,500 Ivanti Connect Secure and Policy Secure gateways are vulnerable to the remote code execution flaw CVE-2024-21894, exposing them to denial of service and exploitation by unauthenticated users. This high-severity vulnerability is widely exposed worldwide, with state-sponsored threat actors and widespread exploitation already reported, making it crucial for system administrators to …

45k Jenkins servers exposed to RCE attacks using public exploits

January 29, 2024 at 05:07PM Security researchers discovered about 45,000 vulnerable Jenkins instances online, susceptible to CVE-2023-23897, a critical flaw allowing remote code execution. The issue originates from an automatic file reading feature, potentially leading to arbitrary command execution. There are multiple public PoC exploits available, posing a significant threat to unpatched Jenkins servers globally. …

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs

December 15, 2023 at 06:42AM Threat actors are exploiting a critical remote code execution flaw in internet-accessible Apache Struts 2 instances. Tracked as CVE-2023-50164, the bug allows attackers to manipulate file upload parameters and upload malicious files, resulting in RCE. Despite widespread exploitation attempts, scaling the attack is challenging. Users of affected Struts versions are …

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data

October 26, 2023 at 02:57PM Open source data integration platform Mirth Connect has a remote code execution vulnerability, according to cybersecurity firm Horizon3.ai. The vulnerability, tracked as CVE-2023-43208, bypasses the fix for a critical-severity flaw disclosed earlier and affects all Mirth Connect installations. A patch has been released, but the cybersecurity firm warns that the vulnerability is easily …

Virtual Alarm: VMware Issues Major Security Advisory

October 25, 2023 at 03:40PM VMware has advised customers to update their vCenter Servers due to a critical flaw that could result in remote code execution. The flaw, assigned a high severity score of 9.8, is an out-of-bounds write vulnerability in the DCERPC protocol implementation. It is considered a serious threat to the confidentiality, integrity, …