CVE-2024-38812
- 6 Posts
- 22 Interactions
"VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest"
⬇️
"The most severe of the two, tagged as CVE-2024-38812 ... VMware warned that an attacker with network access to the server could send a specially crafted packet to execute remote code. The flaw carries a CVSS severity score of 9.8/10."
⬇️
"Chinese law dictates that zero-day vulnerabilities found by citizens must be promptly disclosed to the government. The details of a security hole cannot be sold or provided to any third-party, apart from the product’s manufacturer. The cybersecurity industry has raised concerns that the law will help the Chinese government stockpile zero-days."
👇
https://www.securityweek.com/vmware-patches-remote-code-execution-flaw-found-in-chinese-hacking-contest/
⬇️
🩹
👇
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
#VMware #CVE_2024_38812 #cyberveille #broadcom #vulnerability
VMware vCenter Server vulnerable to remote code execution (CVE-2024-38812) https://www.it-connect.fr/vmware-vcenter-server-vulnerable-a-une-execution-de-code-a-distance-cve-2024-38812/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #VMware
VMware security advisory: VMSA-2024-0019
- CVE-2024-38812 (9.8 critical) VMware vCenter Server heap-overflow vulnerability
- CVE-2024-38813 (7.5 high) VMware vCenter privilege escalation vulnerability
According to the stupid bit.ly shortened link to the Frequently Asked Questions:
Broadcom is not currently aware of exploitation “in the wild.” If that changes the advisory and this document will be updated. Please subscribe to the VMSA mailing list (link above) for proactive alerts.
Obligatory fuck Broadcom.
#vmware #vcenter #vulnerability #cve #CVE_2024_38812 #CVE_2024_38813
❗Broadcom has disclosed two vulnerabilities impacting VMware vCenter servers, found in VMware vSphere and VMware Cloud Foundation products. Successful exploitation of CVE-2024-38812 and CVE-2024-38813 can enable an attacker to send requests that trigger a heap-overflow resulting in RCE or privilege escalation into root.
🛑 Be advised that CVE-2024-38812 is rated as critical with CVSS score of 9.8.
👉 Use our research team’s Rapid Response post to quickly check for potentially vulnerable systems in your environment:
Security Week: VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest
Security Week links the VMware vCenter vulnerabilities CVE-2024-38812 and CVE-2024-38813 (see parent toot above for the security advisory) to the 2024 Matrix Cup contest. @nattothoughts has thoughts on that: Matrix Cup: Cultivating Top Hacking Talent, Keeping Close Hold on Results
It prioritizes new talent cultivation and expands the access of intelligence agencies to critical vulnerabilities, as the vulnerabilities found in the contest are likely channeled to the Ministry of State Security (MSS) for potential use in offensive operations.
#CVE_2024_38812 #matrixcup #CVE_2024_38813 #vmware #vulnerability #CVE #vCenter
CVE-2024-45409
- 2 Posts
- 37 Interactions
GitLab security advisory: GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10
CVE-2024-45409 (perfect 10.0 critical 🥳 cc: @cR0w) SAML authentication bypass
GitLab doing me a heccin' concern because they're already talking about detecting unsuccessful and successful exploitation attempts. I can't definitively say if exploitation in the wild occurred based on the verbiage in this advisory.
GitLab instances are inheriting the Ruby SAML Auth vuln #CVE202445409 that allows threat actors to forge SAML Assertions. #GitLab drops emergency updates for this CVSS 10/10.
Note that IdP SSO having MFA does NOT protect against this attack. Patching or MFA on the Instance is required.
https://about.gitlab.com/releases/2024/09/17/patch-release-gitlab-17-3-3-released/
#ThreatIntel and #ThreatHunting examples are included at the link
CVE-2024-20685
- 2 Posts
- 1 Interaction
Trend Micro: Vulnerabilities in Cellular Packet Cores Part IV: Authentication
Trend Micro describes two vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). This article is the latest in a series about vulnerabilities in cellular packet cores, using various commercial and open-source products as examples. They are focused more on systemic issues and attack vectors. CVE-2024-20685 (5.9 medium, assigned 09 April 2024) Azure Private 5G Core Denial of Service Vulnerability can lead to potential service outages. Another yet-unassigned vulnerability, ZDI-CAN-23960, titled Microsoft Azure Private 5G Core Un-Authenticated Base Station Override, would disconnect and replace attached base stations, disrupting network operations. Trend Micro gives an overview of cellular network architecture, describes the vulnerabilities and their impact.
#microsoft #ap5gc #cellularnetwork #vulnerability #CVE_2024_20685
"Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness" - https://www.trendmicro.com/en_us/research/24/i/vulnerabilities-in-cellular-packet-cores-part-iv-authentication.html
CVE-2015-7036
- 1 Post
- 5 Interactions
Oh hey, my Mazda vuln got publicly disclosed as 0-day: https://www.zerodayinitiative.com/advisories/ZDI-24-1208/
I will probably write up a blog post about it, but the elevator pitch is that there’s an SQL injection bug in the way Visteon infotainment systems handle iPods that get connected to the car. And because it uses SQLite, you could potentially combine it with the ever-awesome CVE-2015-7036 or something similar to get root code execution.
CVE-2024-29847
- 1 Post
- 1 Interaction
The Exploit for the Ivanti Bug Is Online: Let the Hunt Begin! So, Patch Now
https://poliverso.org/display/0477a01e-61e802fe-4b2901735292b440
A redhotcyber.com/post/cosa-sono… redhotcyber.com/post/cosa-sono… has appeared online for a critical redhotcyber.com/post/vulnerabi… vulnerability tied to remote code execution (CVE-2024-29847) in Ivanti Endpoint Manager.
CVE-2024-38813
- 4 Posts
- 22 Interactions
CVE-2024-8190
KEV
- 1 Post
CVE-2024-8190 is an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, under active exploitation.
https://www.helpnetsecurity.com/2024/09/17/cve-2024-8190/
CVE-2024-43102
- 1 Post
Update: NetApp ONTAP 9 (formerly Clustered Data ONTAP) found to be affected by CVE-2024-43102.
Advisory Link: https://security.netapp.com/advisory/ntap-20240916-0001/
CVE-2024-34750
- 1 Post
- 3 Interactions
Atlassian security advisory: Security Bulletin - September 17 2024
I keep forgetting that Atlassian does third Tuesday of the month for #PatchTuesday. Multiple products are updated:
- Bamboo Data Center and Server: CVE-2024-34750 (7.5 High) DoS (Denial of Service)
- Bitbucket Data Center and Server:
  - CVE-2024-32007 (7.5 High) DoS
  - CVE-2024-34750 (7.5 High) DoS
- Confluence Data Center and Server:
  - CVE-2024-29857 (7.5 High) DoS
  - CVE-2024-22871 (7.5 High) DoS
- Crowd Data Center and Server: CVE-2024-29857 (7.5 High) DoS
No mention of exploitation.
#Atlassian #Confluence #Bitbucket #Bamboo #vulnerability #CVE
CVE-2024-38112
KEV
- 1 Post
Microsoft confirmed CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML, was exploited as part of an attack chain relating to CVE-2024-38112, prior to July 2024.
https://www.helpnetsecurity.com/2024/09/16/cve-2024-43461-exploited/
CVE-2024-43461
KEV
- 1 Post
CVE-2019-1069
- 1 Post
- 6 Interactions
CISA: CISA Adds Five Known Vulnerabilities to Catalog
This is so hot off the press that CISA's press team hasn't created the page yet. 5 are being added to the KEV:
- CVE-2020-14644 (9.8 critical) Oracle WebLogic Server Remote Code Execution Vulnerability
- CVE-2022-21445 (9.8 critical) Oracle JDeveloper Remote Code Execution Vulnerability
- CVE-2019-1069 (7.8 high) Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
- CVE-2020-0618 (8.8 high) Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
- CVE-2024-27348 (9.8 critical) Apache HugeGraph-Server Improper Access Control Vulnerability
#Cisa #KEV #vulnerability #knownexploitedvulnerabilitiescatalog #CVE #eitw #activeexploitation
CVE-2020-0618
- 1 Post
- 6 Interactions
CVE-2024-27348
- 1 Post
- 6 Interactions
CVE-2024-37985
- 1 Post
- 3 Interactions
Microsoft Security Response Center (MSRC) security advisories:
- CVE-2024-38183 (8.8 high) GroupMe Elevation of Privilege Vulnerability
- CVE-2024-43460 (8.1 high) Dynamics 365 Business Central Elevation of Privilege Vulnerability
These two are not exploited, not publicly disclosed, and exploitation less likely. "This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. This purpose of this CVE is to provide further transparency."
In other news, MSRC updated CVE-2024-37985 (5.9 medium, disclosed 09 July 2024 by Microsoft as a EDIT: publicly-disclosed* vulnerability) Windows Kernel Information Disclosure Vulnerability. "Updated CNA for this CVE to Microsoft and updated the FAQ. This is an informational update only."
#MSRC #Microsoft #vulnerability #CVE #CVE_2024_38183 #CVE_2024_43460 #CVE_2024_37985