RCE

  • Blog

    Exploit released for critical WhatsUp Gold RCE flaw, patch now

    A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible. The flaw is tracked as CVE-2024-8785 (CVSS v3.1 score: 9.8) and was discovered by Tenable in mid-August 2024. It exists in the NmAPI.exe process in WhatsUp Gold versions from…

    Read More »
  • Blog

    Critical RCE bug in VMware vCenter Server now exploited in attacks

    ​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. TZL security researchers reported the RCE vulnerability (CVE-2024-38812) during China’s 2024 Matrix Cup hacking contest. It is caused by a heap overflow weakness in the vCenter’s DCE/RPC protocol implementation and affects products containing vCenter, including VMware vSphere…

    Read More »
  • Blog

    Palo Alto Networks warns of critical RCE zero-day exploited in attacks

    Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as ‘PAN-SA-2024-0015,’ is actively being exploited in attacks. The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a “potential” remote code execution (RCE) vulnerability impacting them. No signs…

    Read More »
  • Blog

    HPE warns of critical RCE flaws in Aruba Networking access points

    Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points. The two security issues could allow a remote attacker to perform unauthenticated command injection by sending specially crafted packets to Aruba’s Access Point management protocol (PAPI) over UDP port 8211. The critical flaws are tracked as CVE-2024-42509 and CVE-2024-47460, and have…

    Read More »
  • Blog

    Palo Alto Networks warns of potential PAN-OS RCE vulnerability

    Today, cybersecurity company Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface. In a security advisory published on Friday, the company said it doesn’t yet have additional information regarding this alleged security flaw and added that it has yet to detect signs of active exploitation.…

    Read More »
  • Blog

    Critical Veeam RCE bug now used in Frag ransomware attacks

    After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. Code White security researcher Florian Hauser found that the vulnerability (tracked as CVE-2024-40711) is caused by a deserialization of untrusted data weakness that unauthenticated threat actors can exploit to gain remote code execution (RCE)…

    Read More »
  • Blog

    Microsoft SharePoint RCE bug exploited to breach corporate network

    A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a high-severity (CVSS v3.1 score: 7.2) RCE flaw impacting Microsoft SharePoint, a widely used web-based platform functioning as an intranet, document management, and collaboration tool that can seamlessly integrate with Microsoft 365 apps. Microsoft fixed…

    Read More »
  • Blog

    VMware fixes bad patch for critical vCenter Server RCE flaw

    VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024. The flaw is rated critical (CVSS v3.1 score: 9.8) and stems from a heap overflow weakness in vCenter’s DCE/RPC protocol implementation, impacting the vCenter Server and any products incorporating it, such…

    Read More »
  • Blog

    Akira and Fog ransomware now exploit critical Veeam RCE flaw

    Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers. Code White security researcher Florian Hauser found that the security flaw, now tracked as CVE-2024-40711, is caused by a deserialization of untrusted data weakness that unauthenticated threat actors can exploit in low-complexity attacks. Veeam disclosed the…

    Read More »
  • Blog

    CISA says critical Fortinet RCE flaw now exploited in attacks

    ​Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. The flaw (CVE-2024-23113) is caused by the fgfmd daemon accepting an externally controlled format string as an argument, which can let unauthenticated threat actors execute commands or arbitrary code on unpatched devices in low-complexity attacks that don’t require user interaction. As Fortinet…

    Read More »
Back to top button
close