SIMATIC IT LMS, SIMATIC IT Production Suite, SIMATIC IT UA Discrete Manufacturing, SIMATIC IT UA Discrete Manufacturing, SIMATIC IT UA Discrete Manufacturing, SIMATIC IT UA Discrete Manufacturing, SIMATIC IT UA Discrete Manufacturing Security Vulnerabilities
Developer Accounts Compromised Due to Credential Reuse in WordPress.org Supply Chain Attack
On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through the WordPress repository. Upon further investigation, our team quickly identified 4 additional affected plugins through our internal Threat...
8.4AI Score
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/product_info/. The manipulation of the argument product_info leads to cross site scripting......
4.3CVSS
0.0004EPSS
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/product_info/. The manipulation of the argument product_info leads to cross site scripting......
4.3CVSS
4.4AI Score
0.0004EPSS
CVE-2024-6355 Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/product_info/. The manipulation of the argument product_info leads to cross site scripting......
4.3CVSS
4.4AI Score
0.0004EPSS
CVE-2024-6355 Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/product_info/. The manipulation of the argument product_info leads to cross site scripting......
4.3CVSS
0.0004EPSS
File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute arbitrary code via a .php file upload to the form/efms_exec_html/file_upload_parser.php...
7.5AI Score
0.0004EPSS
File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute arbitrary code via a .php file upload to the form/efms_exec_html/file_upload_parser.php...
0.0004EPSS
Takeaways From The Take Command Summit: Unprecedented Threat Landscape
The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape. Key takeaways from the 30 minute panel: Rise of Zero-Day Exploits: 53% of mass compromise...
7.6AI Score
USN-6566-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2023-7104 for Ubuntu 18.04 LTS. Original advisory details: It was discovered that SQLite incorrectly handled certain memory operations in the sessions extension. A remote attacker could possibly.....
7.3CVSS
7.3AI Score
0.001EPSS
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
7.5CVSS
6.8AI Score
0.0004EPSS
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
7.5CVSS
7.5AI Score
0.0004EPSS
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
7.5CVSS
0.0004EPSS
CVE-2024-38520 SoftEther VPN with L2TP - 2.75x Amplification
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
7.5CVSS
6.8AI Score
0.0004EPSS
CVE-2024-38520 SoftEther VPN with L2TP - 2.75x Amplification
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
7.5CVSS
0.0004EPSS
New “Snowblind” Android Malware Steals Logins, Bypasses Security Features
New Android Malware "Snowblind" bypasses security! It exploits Linux's seccomp to launch scalable attacks and steal your data. Download safely, update your device, and consider mobile security to stay...
7.4AI Score
Summary There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Dashboards on Cloud Pak. IBM Cognos Dashboards on Cloud Pak has addressed these vulnerabilities by upgrading IBM® Java™. There are vulnerabilities in Open-Source Software (OSS) components consumed by IBM Cognos Dashboards....
10CVSS
9.7AI Score
0.107EPSS
Exposure of secrets through system log in Jenkins Structs Plugin
Structs Plugin provides utility functionality used, e.g., in Pipeline to instantiate and configure build steps, typically before their execution. When Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that...
6.4AI Score
0.0004EPSS
Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin
When creating secret file credentials Plain Credentials Plugin 182.v468b_97b_9dcb_8 and earlier attempts to decrypt the content of the file to check if it constitutes a valid encrypted secret. In rare cases the file content matches the expected format of an encrypted secret, and the file content...
6.5AI Score
0.0004EPSS
Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin
When creating secret file credentials Plain Credentials Plugin 182.v468b_97b_9dcb_8 and earlier attempts to decrypt the content of the file to check if it constitutes a valid encrypted secret. In rare cases the file content matches the expected format of an encrypted secret, and the file content...
6.4AI Score
0.0004EPSS
Exposure of secrets through system log in Jenkins Structs Plugin
Structs Plugin provides utility functionality used, e.g., in Pipeline to instantiate and configure build steps, typically before their execution. When Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that...
6.4AI Score
0.0004EPSS
War Crime Prosecutions Enter a New Digital Age
A custom platform developed by SITU Research aided the International Criminal Court’s prosecution in a war crimes trial for the first time. It could change how justice is enacted on an international...
7.3AI Score
When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system...
0.0004EPSS
When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system...
6.2AI Score
0.0004EPSS
When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system...
0.0004EPSS
Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2
Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...
7AI Score
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties
In this post, I'll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that I reported in March 2024 as bug 331383939. A similar bug, 331358160, was also reported and was assigned CVE-2024-3832. Both of these bugs were fixed in version 124.0.6367.60/.61....
8.8CVSS
7.6AI Score
0.007EPSS
Multiple vulnerabilities in TP-Link Omada system could lead to root access
The TP-Link Omada system is a software-defined networking solution for small to medium-sized businesses. It touts cloud-managed devices and local management for all Omada devices. The supported devices in this ecosystem vary greatly but include wireless access points, routers, switches, VPN...
8.1CVSS
9.4AI Score
0.001EPSS
Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP!
A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that...
9.8CVSS
9.9AI Score
0.969EPSS
About a year ago I wrote that "I want to use XAES-256-GCM/11, which has a number of nice properties and only the annoying defect of not existing." Well, there is now an XAES-256-GCM specification. (Had to give up on the /11 part, but that was just a performance optimization.) XAES-256-GCM is an...
7.3AI Score
[updated] Federal Reserve “breached” data may actually belong to Evolve Bank
A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBit's dark web leak site, the group threatened to release over 30 TB of banking information containing Americans'...
7.4AI Score
Summary There are multiple vulnerabilities in Node.js and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (CVE-2024-27983, CVE-2024-27980, CVE-2024-22329, CVE-2024-27982, CVE-2024-22354, CVE-2024-4068). Vulnerability Details ** CVEID: CVE-2024-27983 DESCRIPTION:...
7.5CVSS
9.2AI Score
EPSS
Exploit for Path Traversal in Apache Http Server
CVE-2021-42013: Apache HTTP Server Path Traversal and Remote...
9.8CVSS
9.6AI Score
0.974EPSS
Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard configuration. An attacker could use this to obtain wireguard secret keys. It was discovered that netplan configuration could be manipulated into injecting arbitrary commands while...
6.5CVSS
7.8AI Score
0.0004EPSS
Malicious code in @wdp-gov/catalog-serialization-engine (npm)
-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (279671687dd3fcc407084cb5aeaab3c707cf47164e8b81c3f1665b61ce19dfd9) The OpenSSF Package Analysis project identified '@wdp-gov/catalog-serialization-engine' @ 3.0.195 (npm) as malicious. It is considered malicious...
7.1AI Score
SiteGuard WP Plugin <= 1.7.6 - Login Page Disclosure
The SiteGuard WP Plugin plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.7.6. This is due to the plugin not restricting redirects from wp-register.php which may disclose the login page URL. This makes it possible for unauthenticated...
7AI Score
0.001EPSS
linux-oracle-6.5 vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536)...
7.8CVSS
7.7AI Score
0.001EPSS
Keep Your Tech Flame Alive: Trailblazer Mie Elmkvist Schneider
In this Akamai FLAME Trailblazer blog post, Mie Elmkvist Schneider from Queue-it describes the differences between being a manager and being a...
7.3AI Score
Malicious code in @wdp-gov/lineage-component (npm)
-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (d71a3c3672d613586050e5166426a68d0f5b4ab173d202c331b0259a3919c5a3) The OpenSSF Package Analysis project identified '@wdp-gov/lineage-component' @ 1.0.33 (npm) as malicious. It is considered malicious because: The...
7.1AI Score
Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife
Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned So Ashok is an Incredible fast recon tool for penetration tester which is specially designed for Reconnaissance" title="Reconnaissance">Reconnaissance phase. And in...
7AI Score
ruby2.7, ruby3.0, ruby3.1 vulnerability
It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive...
7.3AI Score
EPSS
It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than...
6.7AI Score
0.0004EPSS
Summary IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2022-48554 DESCRIPTION: **File is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the file_copystr...
7.8CVSS
9.6AI Score
EPSS
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to initiate the attack....
2.4CVSS
0.0004EPSS
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to initiate the attack....
2.4CVSS
3.5AI Score
0.0004EPSS
Malwarebytes Premium Security stops 100% of malware during AV Lab test
Malwarebytes Premium Security has maintained its long-running, perfect record in protecting users against online threats by blocking 100% of the malware samples deployed in the AV Lab Cybersecurity Foundation’s “Advanced In-The-Wild Malware Test.” For its performance in the May 2024 evaluation,...
7AI Score
CVE-2024-6344 ZKTeco ZKBio CVSecurity V5000 Push Configuration Section cross site scripting
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to initiate the attack....
2.4CVSS
3.5AI Score
0.0004EPSS
CVE-2024-6344 ZKTeco ZKBio CVSecurity V5000 Push Configuration Section cross site scripting
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to initiate the attack....
2.4CVSS
0.0004EPSS
Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware
Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021 and 2023. While one cluster of activity has been associated with the ChamelGang (aka...
7AI Score
Practical Guidance For Securing Your Software Supply Chain
The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their software should come as no surprise. In the last several years, the software supply chain has become an increasingly attractive target for attackers who.....
6.7AI Score
Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping
Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and....
6.7AI Score
0.0004EPSS