RCE

  • Blog
    digitpatrox3 days ago
    14

    Critical RCE bug in VMware vCenter Server now exploited in attacks

    ​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. TZL security researchers reported the RCE vulnerability (CVE-2024-38812) during China’s 2024 Matrix Cup hacking contest. It is caused by a heap overflow weakness in the vCenter’s DCE/RPC protocol implementation and affects products containing vCenter, including VMware vSphere…

    Read More »
  • Blog
    digitpatrox4 days ago
    16

    Palo Alto Networks warns of critical RCE zero-day exploited in attacks

    Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as ‘PAN-SA-2024-0015,’ is actively being exploited in attacks. The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a “potential” remote code execution (RCE) vulnerability impacting them. No signs…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    83

    HPE warns of critical RCE flaws in Aruba Networking access points

    Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points. The two security issues could allow a remote attacker to perform unauthenticated command injection by sending specially crafted packets to Aruba’s Access Point management protocol (PAPI) over UDP port 8211. The critical flaws are tracked as CVE-2024-42509 and CVE-2024-47460, and have…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    88

    Palo Alto Networks warns of potential PAN-OS RCE vulnerability

    Today, cybersecurity company Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface. In a security advisory published on Friday, the company said it doesn’t yet have additional information regarding this alleged security flaw and added that it has yet to detect signs of active exploitation.…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    25

    Critical Veeam RCE bug now used in Frag ransomware attacks

    After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. Code White security researcher Florian Hauser found that the vulnerability (tracked as CVE-2024-40711) is caused by a deserialization of untrusted data weakness that unauthenticated threat actors can exploit to gain remote code execution (RCE)…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    30

    Microsoft SharePoint RCE bug exploited to breach corporate network

    A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a high-severity (CVSS v3.1 score: 7.2) RCE flaw impacting Microsoft SharePoint, a widely used web-based platform functioning as an intranet, document management, and collaboration tool that can seamlessly integrate with Microsoft 365 apps. Microsoft fixed…

    Read More »
  • Blog
    digitpatroxOctober 22, 2024
    29

    VMware fixes bad patch for critical vCenter Server RCE flaw

    VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024. The flaw is rated critical (CVSS v3.1 score: 9.8) and stems from a heap overflow weakness in vCenter’s DCE/RPC protocol implementation, impacting the vCenter Server and any products incorporating it, such…

    Read More »
  • Blog
    digitpatroxOctober 10, 2024
    42

    Akira and Fog ransomware now exploit critical Veeam RCE flaw

    Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers. Code White security researcher Florian Hauser found that the security flaw, now tracked as CVE-2024-40711, is caused by a deserialization of untrusted data weakness that unauthenticated threat actors can exploit in low-complexity attacks. Veeam disclosed the…

    Read More »
  • Blog
    digitpatroxOctober 10, 2024
    50

    CISA says critical Fortinet RCE flaw now exploited in attacks

    ​Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. The flaw (CVE-2024-23113) is caused by the fgfmd daemon accepting an externally controlled format string as an argument, which can let unauthenticated threat actors execute commands or arbitrary code on unpatched devices in low-complexity attacks that don’t require user interaction. As Fortinet…

    Read More »
  • Blog
    digitpatroxOctober 9, 2024
    53

    New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks

    An automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. The flaw, which enables attackers to perform arbitrary remote code execution if certain conditions are met, was disclosed late last month by the person who discovered it, Simone Margaritelli. Although its RCE aspect…

    Read More »
Load More
Back to top button
close