Automox Agent 32 Local Privilege Escalation

Exploit Title: Automox Agent 32 - Local Privilege Escalation Date: 13/12/2021 Exploit Author: Greg Foss Writeup: https://www.lacework.com/blog/cve-2021-43326/ Vendor Homepage: https://www.automox.com/ Software Link: https://support.automox.com/help/agents Version: 31, 32, 33 Tested on: Windows 10...

Microsoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service

Microsoft, over the weekend, rolled out a fix to address an issue that caused email messages to get stuck on its Exchange Server platforms due to what it blamed on a date validation error at around the turn of the year. "The problem relates to a date check failure with the change of the new year...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4PowerShell CVE-2021-44228 Proof of Concept A Proof-Of-C...

The vulnerability of the FortiSIEM Windows Agent’s security management system, related to access control deficiencies, allows a perpetrator to execute arbitrary codes or commands via PowerShell scripts.

The vulnerability of the FortiSIEM Windows Agent relates to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code or commands through PowerShell scripts...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228scanner Applications that are vulnerable to the...

Malicious Exchange Server Module Hoovers Up Outlook Credentials

Researchers have uncovered a previously unknown malicious IIS module, dubbed Owowa, that steals credentials when users log into Microsoft Outlook Web Access OWA. Internet Information Services IIS, Microsoft’s web server/web-hosting software suite, can be extended via various add-ons that are know...

AZL-7049 CVE-2021-43896 affecting package powershell for versions less than 7.2.1-1

Microsoft PowerShell Spoofing Vulnerability...

CVE-2021-43896

Microsoft PowerShell Spoofing Vulnerability...

CVE-2021-43896

Microsoft PowerShell Spoofing Vulnerability...

Spoofing

Microsoft PowerShell Spoofing Vulnerability...

CVE-2021-43896 Microsoft PowerShell Spoofing Vulnerability

...

CVE-2021-43896 Microsoft PowerShell Spoofing Vulnerability

...

CVE-2021-43896

CVE-2021-43896 corresponds to Microsoft PowerShell Spoofing Vulnerability. Multiple connected sources confirm this as a PowerShell spoofing issue affecting PowerShell products; affected component is PowerShell, with confirmed remediation via upgraded packages (for example, Mariner entries note fi...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228scanner Applications that are vulnerable to the...

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

Attackers targeting telcos across the Middle East and Asia for the past six months are linked to Iranian state-sponsored hackers, according to researchers. The cyberespionage campaigns leverage a potent cocktail of spear phishing, known malware and legitimate network utilities that are leveraged ...

Microsoft PowerShell Spoofing Vulnerability

...

Description of the security update for SharePoint Server 2019: December 14, 2021 (KB5002054)

Description of the security update for SharePoint Server 2019: December 14, 2021 KB5002054 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities, see t...

Description of the security update for SharePoint Enterprise Server 2016: December 14, 2021 (KB5002055)

Description of the security update for SharePoint Enterprise Server 2016: December 14, 2021 KB5002055 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the...

PT-2021-6279 · Microsoft · Powershell

Name of the Vulnerable Software and Affected Versions: Microsoft PowerShell affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the PowerShell interpreter. Exploitation of this issue may allow an attacker to...

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer tools. A local malicious person could exploit the vulnerabilities to execute arbitrary code, or to impersonate a user other than himself. The tables below list the vulnerabilities that have been fixed by Microsoft. Visual Studio Code:...