CVE-2024-0012
KEV- 5 Posts
- 12 Interactions
CVE Info
Fediverse
Bad day for VPN routers: Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474 auth bypass by HTTP, privesc via command injection. Exploitation enables pre-auth RCE chaining the bypass to inject arbitrary commands in PHP session handling, targeting SSLVPN devices.
Being actively exploited.
Unit 42 11/20 update: Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012
20 November 2024 update regarding Operation Lunar Peek and the zero-day exploitation of CVE-2024-0012 and CVE-2024-9474: Unit 42 updated the Executive Summary, the Current Scope of the Attack section, but most importantly, there are new Indicators of Compromise (IoC).
#CVE_2024_0012 #CVE_2024_9474 #threatintel #infosec #cybersecurity #cyberthreatintelligence #OperationLunarPeek #LunarPeek #infosec #CTI #IOC #zeroday #panos #cisa #kev #eitw #activeexploitation
‘ We simply… supply the off value to the X-PAN-AUTHCHECK HTTP request header, and the server helpfully turns off authentication?! At this point, why is anyone surprised?’
NIST-defined critical software.
https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/
Updates on PAN-SA-2024-0015: The blog has been updated with the following latest information provided by Palo Alto.
1) CVE-2024-0012 has been assigned
2) Indicators of Compromise has been updated.
3) Added a section "What if I found one of the IOCs in my Organization's environment??"
4) Affected Products and Product versions has been updated
5) Fixed versions has been updated.
Refer: https://patchnow24x7.com/blog-1/f/pan-sa-2024-0015-secure-your-paloalto-management-interface-now
#PatchNOW
#Vulnerability
#ComputerSecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
#cybersecurity
CVE-2024-9474
KEV- 4 Posts
- 12 Interactions
CVE Info
Fediverse
Bad day for VPN routers: Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474 auth bypass by HTTP, privesc via command injection. Exploitation enables pre-auth RCE chaining the bypass to inject arbitrary commands in PHP session handling, targeting SSLVPN devices.
Being actively exploited.
Unit 42 11/20 update: Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012
20 November 2024 update regarding Operation Lunar Peek and the zero-day exploitation of CVE-2024-0012 and CVE-2024-9474: Unit 42 updated the Executive Summary, the Current Scope of the Attack section, but most importantly, there are new Indicators of Compromise (IoC).
#CVE_2024_0012 #CVE_2024_9474 #threatintel #infosec #cybersecurity #cyberthreatintelligence #OperationLunarPeek #LunarPeek #infosec #CTI #IOC #zeroday #panos #cisa #kev #eitw #activeexploitation
‘ We simply… supply the off value to the X-PAN-AUTHCHECK HTTP request header, and the server helpfully turns off authentication?! At this point, why is anyone surprised?’
NIST-defined critical software.
https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/
CVE-2024-38812
KEV- 2 Posts
- 10 Interactions
CVE Info
Fediverse
Update on CVE-2024-38812: VMware vCenter Server Heap-Based Buffer Overflow Vulnerability-- CISA has added CVE-2024-38812 to its 'Known Exploited vulnerabilities catalog'. IF YOU HAVEN'T PATCHED IT YET, PATCH IT NOW!! #PatchNOW
Link: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
#cybersecurity
#Vulnerability
#ComputerSecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Hot off the press!
- CVE-2024-38812 (9.8 critical) VMware vCenter Server heap-overflow vulnerability
- CVE-2024-38813 (7.5 high) VMware vCenter privilege escalation vulnerability
#cisa #kev #cisakev #knownexploitedvulnerabilitiescatalog #vmware #vcenter #vulnerability #eitw #activeexploitation #infosec #cybersecurity
CVE-2024-10979
- 2 Posts
- 1 Interaction
CVE Info
Fediverse
Reproducing CVE-2024-10979: A Step-by-Step Guide: https://redrays.io/blog/reproducing-cve-2024-10979-a-step-by-step-guide/
https://www.openwall.com/lists/oss-security/2024/11/16/7
CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979
CVE-2024-52940
- 1 Post
- 2 Interactions
CVE Info
Fediverse
CVE-2024-26229
- 1 Post
- 2 Interactions
CVE Info
Fediverse
@cR0w This is from a client lol, AlienVault is flagging 127.0.0.0/8 connections as cve-2024-26229 IOCs 🙄
CVE-2024-10224
- 1 Post
- 1 Interaction
CVE Info
Fediverse
It has been 0 days since I've had to tap the sign:
https://infosec.exchange/@ckure/111970971640286655
"CVE-2024-10224: local attackers can execute arbitrary shell commands as root by tricking needrestart into open()ing a filename of the form "commands|" (technically, this vulnerability is in Perl's ScanDeps module, but it is unclear whether this module was ever meant to operate on attacker-controlled files or not)."
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CVE-2024-35250
- 1 Post
CVE Info
Fediverse
CVE-2024-9143
- 1 Post
CVE Info
Fediverse
We published more details about our LLM-based fuzz target generator, which found CVE-2024-9143 in OpenSSL
https://security.googleblog.com/2024/11/leveling-up-fuzzing-finding-more.html
CVE-2024-1212
KEV- 1 Post
- 1 Interaction
CVE Info
Fediverse
Progress Kemp #LoadMaster contains an OS Command #Injection #vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution (CVE-2024-1212):
https://thehackernews.com/2024/11/cisa-alert-active-exploitation-of.html
CVE-2024-23113
KEV- 1 Post
CVE Info
Fediverse
What a wonderful writeup of the #fortinet vulnerabilities found by watchtowr labs. It's insightful and entertaining :) #cybersecurity #security #infosec
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
CVE-2024-47575
KEV- 1 Post
CVE Info
Fediverse
What a wonderful writeup of the #fortinet vulnerabilities found by watchtowr labs. It's insightful and entertaining :) #cybersecurity #security #infosec
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
CVE-2024-21287
- 1 Post
CVE Info
Fediverse
Tracked as CVE-2024-21287 (CVSS score of 7.5), the zero-day affects Agile PLM version 9.3.6 and can be exploited remotely without authentication. https://www.securityweek.com/oracle-patches-exploited-agile-plm-zero-day/
CVE-2024-38813
KEV- 1 Post
- 9 Interactions
CVE Info
Fediverse
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Hot off the press!
- CVE-2024-38812 (9.8 critical) VMware vCenter Server heap-overflow vulnerability
- CVE-2024-38813 (7.5 high) VMware vCenter privilege escalation vulnerability
#cisa #kev #cisakev #knownexploitedvulnerabilitiescatalog #vmware #vcenter #vulnerability #eitw #activeexploitation #infosec #cybersecurity
CVE-2024-44309
- 1 Post
- 3 Interactions
CVE Info
Fediverse
iOS 18.1.1 und macOS Sequoia 15.1.1 schließen aktiv ausgenutzte Sicherheitslücken
Apple hat mit den neuen Updates iOS 18.1.1 und macOS Sequoia 15.1.1 bedeutende Sicherheitslücken geschlossen, die Beric
https://www.apfeltalk.de/magazin/feature/ios-18-1-1-und-macos-sequoia-15-1-1-schliessen-aktiv-ausgenutzte-sicherheitsluecken/
#Feature #iPad #iPhone #Mac #Apple #CrossSiteScripting #CVE202444308 #CVE202444309 #IntelMac #IOS1811 #JavaScriptCore #MacOSSequoia1511 #Sicherheitsupdate #Webkit
CVE-2024-44308
- 1 Post
- 3 Interactions
CVE Info
Fediverse
iOS 18.1.1 und macOS Sequoia 15.1.1 schließen aktiv ausgenutzte Sicherheitslücken
Apple hat mit den neuen Updates iOS 18.1.1 und macOS Sequoia 15.1.1 bedeutende Sicherheitslücken geschlossen, die Beric
https://www.apfeltalk.de/magazin/feature/ios-18-1-1-und-macos-sequoia-15-1-1-schliessen-aktiv-ausgenutzte-sicherheitsluecken/
#Feature #iPad #iPhone #Mac #Apple #CrossSiteScripting #CVE202444308 #CVE202444309 #IntelMac #IOS1811 #JavaScriptCore #MacOSSequoia1511 #Sicherheitsupdate #Webkit
CVE-2024-20767
- 1 Post
CVE Info
Fediverse
https://blog.securelayer7.net/coldfusion-path-traversal-and-weblogic-unauthenticated-rce-remediation/
CVE-2024-21216
- 1 Post
CVE Info
Fediverse
https://blog.securelayer7.net/coldfusion-path-traversal-and-weblogic-unauthenticated-rce-remediation/
CVE-2024-10977
- 1 Post
- 1 Interaction
CVE Info
Fediverse
https://www.openwall.com/lists/oss-security/2024/11/16/7
CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979
CVE-2024-10976
- 1 Post
- 1 Interaction
CVE Info
Fediverse
https://www.openwall.com/lists/oss-security/2024/11/16/7
CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979
CVE-2024-10978
- 1 Post
- 1 Interaction
CVE Info
Fediverse
https://www.openwall.com/lists/oss-security/2024/11/16/7
CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979