CISA

  • Blog
    digitpatrox2 weeks ago
    26

    CISA issues alert over two high-severity DrayTek vulnerabilities – here’s what you need to know

    CISA has added three security flaws to its known exploited vulnerabilities (KEV) catalog, including two affecting DrayTek’s network equipment management software, VigorConnect. The third vulnerability added to the catalog affects Kingsoft’s popular WPS Office productivity suite. All three vulnerabilities were described as path traversal flaws, that allow attackers to read sensitive files they should not be able to access. The…

    Read More »
  • Blog
    digitpatroxAugust 17, 2024
    48

    CISA warns critical SolarWinds RCE bug is exploited in attacks

    Image: MidjourneyCISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds’ Web Help Desk solution for customer support. Web Help Desk (WHD) is IT help desk software widely used by large corporations, government agencies, and healthcare and education organizations worldwide to centralize, automate, and streamline help desk management tasks. Tracked as CVE-2024-28986, this Java deserialization…

    Read More »
Back to top button
close