Lucene search
3094 matches found

NVD
added 2023/11/23 10:15 p.m., 6 views

CVE-2023-49213

The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...

8.8 CVSS, 0.01552 EPSS
Exploits 1, References 2

Prion
added 2023/11/23 10:15 p.m., 11 views

Design/Logic Flaw

The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...

6.5 CVSS, 8.2 AI score, 0.01552 EPSS
Exploits 1, References 2, Affected Software 1

Veracode
added 2023/11/23 6:48 a.m., 104 views

Information Disclosure

PowerShell is vulnerable to Information Disclosure. The vulnerability is due to the PowerShell Web cmdlets, which allows an attacker to exfiltrate sensitive information from a targeted site...

6.5 CVSS, 6.6 AI score, 0.02494 EPSS
Exploits 0, References 2, Affected Software 1

CVE
added 2023/11/23 12:0 a.m., 34 views

CVE-2023-49213

The CVE-2023-49213 issue affects Ironman PowerShell Universal versions 3.0.0 through 4.2.0. The vulnerability arises from invalid sanitization of input strings in API endpoints, allowing remote attackers to execute arbitrary commands via crafted HTTP requests when a param block is used. Fixed ver...

8.8 CVSS, 8.9 AI score, 0.01552 EPSS
Exploits 1, References 2, Affected Software 1

CNNVD
added 2023/11/23 12:0 a.m., 2 views

Ironman Software PowerShell Universal Security Vulnerability

Ironman Software PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman Software. A security vulnerability exists in Ironman Software PowerShell Universal versions 3.0.0 through 4.2.0, which stems from an invalid filtering of input strings...

8.8 CVSS, 7.4 AI score, 0.01552 EPSS
Exploits 1, References 2

Hive Pro Threat Advisories
added 2023/11/22 8:50 a.m., 28 views

The Rise of NetSupport RAT Recent Infections and Sector Impact

Summary: Threat actors exploit NetSupport Manager into a Remote Access Trojan RAT, leading to a recent surge in infections across multiple sectors. The evolving attack chain involves deceptive website downloads, JavaScript payloads, and PowerShell commands, emphasizing the need for vigilant...

7.3 AI score
Exploits 0

The Hacker News
added 2023/11/22 4:49 a.m., 113 views

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control ADC and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S...

9.4 CVSS, 8.1 AI score, 0.94348 EPSS
Exploits 15

Malwarebytes
added 2023/11/20 11:10 p.m., 18 views

Scattered Spider ransomware gang falls under government agency scrutiny

As you may have read in our November Ransomware Review, Scattered Spider is a relatively new, albeit dangerous, ransomware gang who made headlines in September for attacking MGM Resorts and Caesar Entertainment. For small security teams, one of the most important findings about the group is their...

7.5 AI score
Exploits 0

NVD
added 2023/11/20 4:15 p.m., 13 views

CVE-2023-36013

PowerShell Information Disclosure Vulnerability...

6.5 CVSS, 0.02494 EPSS
Exploits 0, References 1

OSV
added 2023/11/20 4:15 p.m., 6 views

CVE-2023-36013

PowerShell Information Disclosure Vulnerability...

6.5 CVSS, 6.5 AI score, 0.02494 EPSS
Exploits 0, References 1

Prion
added 2023/11/20 4:15 p.m., 23 views

Information disclosure

PowerShell Information Disclosure Vulnerability...

4 CVSS, 6.8 AI score, 0.02494 EPSS
Exploits 0, References 1, Affected Software 1

CVE
added 2023/11/20 4:2 p.m., 129 views

CVE-2023-36013

CVE-2023-36013 is a PowerShell information-disclosure vulnerability with a CVSS v3.1 base score 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Several connected advisories document affected environments and versions. In macOS (Photon/Tenable Nessus NASL entries), Microsoft PowerShell 7.2.x is vulnera...

6.5 CVSS, 6.1 AI score, 0.02494 EPSS
Exploits 0, References 1, Affected Software 1

AlpineLinux
added 2023/11/20 4:2 p.m., 19 views

CVE-2023-36013

PowerShell Information Disclosure Vulnerability...

6.5 CVSS, 6.5 AI score, 0.02494 EPSS
Exploits 0

Cvelist
added 2023/11/20 4:2 p.m., 17 views

CVE-2023-36013 PowerShell Information Disclosure Vulnerability

...

6.5 CVSS, 6.9 AI score, 0.02494 EPSS
Exploits 0, References 1

Vulnrichment
added 2023/11/20 4:2 p.m., 4 views

CVE-2023-36013 PowerShell Information Disclosure Vulnerability

...

6.5 CVSS, 7.2 AI score, 0.02494 EPSS
Exploits 0, References 1

The Hacker News
added 2023/11/20 3:19 p.m., 73 views

NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors

Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT. "The delivery mechanisms for the NetSupport RAT encompass fraudulent updates, drive-by downloads, utilization of malware loaders such as GHOSTPULSE, and various...

7.3 AI score
Exploits 0

Microsoft CVE
added 2023/11/17 8:0 a.m., 45 views

PowerShell Information Disclosure Vulnerability

...

6.5 CVSS, 7.4 AI score, 0.02494 EPSS
Exploits 0

CNNVD
added 2023/11/17 12:0 a.m., 0 views

Microsoft Windows PowerShell Security Vulnerability

Microsoft Windows PowerShell is a command line shell program and scripting environment from Microsoft that enables command line users and script writers to leverage the power of . A security vulnerability exists in Microsoft Windows PowerShell that originates from an information disclosure...

6.5 CVSS, 6.1 AI score, 0.02494 EPSS
Exploits 0, References 2

Citrix
added 2023/11/17 12:0 a.m., 4 views

Explanation of Delivery Group power management for single session

Explain the detail difference between "Machines to be powered on" in delivery group and "PeakBufferSizePercent" in DDC powershell SDK, when control the power management for pool random delivery group or unassigned machines...

7.1 AI score
Exploits 0

Positive Technologies
added 2023/11/17 12:0 a.m., 2 views

PT-2023-7432 · Microsoft +1 · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The vulnerability is related to errors in the authentication procedure of the Windows operating system's PowerShell interpreter. Exploitation of this issue may allow a remote...

9.8 CVSS, 6.9 AI score, 0.06422 EPSS
Exploits 0, References 26