#remotecodeexecution

Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks

by

January 16, 2024 at 08:21AM Security researchers have uncovered vulnerabilities in over 178,000 SonicWall next-generation firewalls (NGFW) with exposed management interfaces online, potentially leading to denial-of-service (DoS) and remote code execution (RCE) attacks. These vulnerabilities could impact a significant number of SonicWall devices and may pose a serious threat to corporate networks, emphasizing the need … Read more

Over 178,000 SonicWall firewalls vulnerable to RCE, DoS attacks

by

January 15, 2024 at 01:34PM Security researchers discovered that more than 178,000 SonicWall firewalls with exposed online management interfaces are vulnerable to denial-of-service and remote code execution attacks. These vulnerabilities affect a large number of appliances and can lead to serious security risks. Users are advised to take measures to protect their devices from these … Read more

Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows

by

January 15, 2024 at 11:44AM The Guardio Labs research team has revealed a security flaw, dubbed MyFlaw, in the Opera web browser for Windows and macOS, allowing execution of files on the operating system. The flaw exploits the My Flow feature, prompting updates on Nov 22, 2023, to address it. The vulnerability emphasizes the need … Read more

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

by

January 13, 2024 at 06:54AM Juniper Networks released updates to fix a critical remote code execution vulnerability in its SRX Series firewalls and EX Series switches, tracked as CVE-2024-21591 with a CVSS score of 9.8. The flaw can allow attackers to cause Denial-of-Service or Remote Code Execution, affecting specific Junos OS versions. Juniper also resolved … Read more

Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in

by

January 12, 2024 at 09:25PM Mandiant’s threat intel team identified two zero-day bugs in Ivanti products that were under attack by cyberspies as early as December. Ivanti has disclosed the vulnerabilities in their products and is working on rolling out patches while urging customers to immediately deploy mitigations. The situation is particularly concerning as the … Read more

Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew

by

January 12, 2024 at 02:49PM Security experts have warned about a ransomware group exploiting a critical Microsoft SharePoint vulnerability, CVE-2023-29357, which can lead to remote code execution. This vulnerability was added to the US’s must-patch list, giving agencies three weeks to patch it. The exploit chain has been a concern, and patching is crucial to … Read more

CISA: Critical Microsoft SharePoint bug now actively exploited

by

January 12, 2024 at 02:47PM CISA warned of active exploitation of critical Microsoft SharePoint vulnerabilities, including CVE-2023-29357, which allows attackers to gain admin privileges using spoofed JWT tokens. When chained with another bug, remote code execution is possible. These exploits have gained attention after a successful demo at the Pwn2Own contest, leading to the release … Read more

Juniper warns of critical RCE bug in its firewalls and switches

by

January 12, 2024 at 12:40PM Juniper Networks has addressed a critical pre-auth remote code execution vulnerability affecting SRX Series firewalls and EX Series switches, tracked as CVE-2024-21591. Vulnerable Junos OS versions are listed, and admins are urged to apply security updates or disable the J-Web interface. CISA also warned of a previous exploit on Juniper … Read more

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days

by

January 10, 2024 at 08:03PM Volexity warned of Chinese hackers exploiting zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) in Ivanti Connect Secure VPN. It affected fully patched appliances, with pre-patch mitigations provided. The attackers used these exploits to execute commands, steal data, and gain access to network systems. Volexity discovered and described the attacker’s methods. From the … Read more

Ivanti warns of Connect Secure zero-days exploited in attacks

by

January 10, 2024 at 01:59PM Ivanti has disclosed two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure products. The CVE-2023-46805 flaw bypasses authentication, while CVE-2024-21887 allows arbitrary command execution. Chaining the two enables attackers to run commands without authentication. Ivanti is working on patches, with mitigation available until then. The company reports limited … Read more