Tag: vulnerability

Docker Engine Authentication Bypass Vulnerability Exploited

The old-new critical vulnerability was found in the Docker Engine

Attackers are actively exploiting a critical vulnerability in the Docker Engine that may allow for authentication bypass in a chain attack. This vulnerability allows attackers to bypass AuthZ authorization plugins, effectively mutilating any auth control. For this and several other reasons, the flaw got the max severity score possible (10.0). Critical Docker Engine Flaw Allows… Continue reading Docker Engine Authentication Bypass Vulnerability Exploited

RegreSSHion OpenSSH Vulnerability Allows for RCE

Researchers has discovered a new “high” severity signal handler race condition vulnerability

A newly discovered vulnerability in OpenSSH nicknamed regreSSHion allows remote attackers to gain root privileges on Linux systems based on glibc library. This flaw enables an unauthenticated attacker to execute arbitrary code on the vulnerable system and obtain root privileges. Considering the wide application of OpenSSH, this flaw can have massive impact, comparable in size… Continue reading RegreSSHion OpenSSH Vulnerability Allows for RCE

New GrimResource Attack Technique Targets MMC, DLL Flaw

Attackers exploit an old vulnerability for a new attack.

A new malicious code execution technique, coined GrimResource, was discovered, targeting Microsoft Management Console. Attackers are exploiting an old cross-site scripting vulnerability that allows them to bypass defenses and deploy malware to endpoints. Attack Technique Exploits Microsoft Management Console Files On June 6, 2024, Elastic reported about discovering a new attack technique that uses Microsoft… Continue reading New GrimResource Attack Technique Targets MMC, DLL Flaw

Microsoft Patches Critical MSMQ Vulnerability

Microsoft reports about fixing a critical flaw in the latest update pack

In the latest Patch Tuesday, on June 11, 2024 Microsoft disclosed fixing a substantial number of flaws, including a remote code execution vulnerability in Microsoft Message Queuing (MSMQ). It plagues the selection of Windows and Windows Server versions, including ones that reached end of life to the moment. At the time, no exploitation facts were… Continue reading Microsoft Patches Critical MSMQ Vulnerability

Critical LG TV Vulnerabilities Allow for Command Execution

LG TV users are advised to update the software to the latest version due to the 4 critical security flaws

LG reports fixing four critical vulnerabilities discovered in many of its TVs. These vulnerabilities were found back in 2023, and could allow malicious actors to gain control of affected LG TVs. Good news – the attacker should connect to the same network to exploit the flaw. Bad news – they can continue using the device… Continue reading Critical LG TV Vulnerabilities Allow for Command Execution

Two Android Zero-Day Flaws in Google Pixel Exploited

Google Pixel smartphone owners are advised to update their devices to the latest version as soon as possible.

Google has disclosed that two Android zero-day security vulnerabilities have been detected in its Pixel smartphones. The patch is already available, as Google claimed fixing the flaws in the recent Pixel Update Bulletin. Even worse news is that the flaw is already under exploitation in targeted attacks. Two Android Zero-Day Flaws Exploited in Targeted Attacks… Continue reading Two Android Zero-Day Flaws in Google Pixel Exploited

XZ Utils Backdoor Discovered, Threating Linux Servers

A backdoor in liblzma library, a part of XZ data compression tool was discovered by Andres Freund. The maintainer of the distribution noticed a half-second delay in the updated version, which eventually led him to the flaw. The latter appears to be the brainchild of one of the new XZ maintainers, who pulled off an… Continue reading XZ Utils Backdoor Discovered, Threating Linux Servers

Microsoft SharePoint Vulnerability Exploited, Update Now

A critical vulnerability in Microsoft SharePoint is now under active exploitation

In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a flaw in Microsoft SharePoint. It was detected back in September 2023, but the facts of active exploitation surfaced only recently. Fortunately, Microsoft offers updates that fix the flaw. Remote code execution vulnerability A vulnerability designated… Continue reading Microsoft SharePoint Vulnerability Exploited, Update Now

GoFetch Vulnerability in Apple Silicon Uncovered

A new vulnerability in Apple Silicon processors allows attackers to extract secret keys from Mac computers.

Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic operations. Notably, it is practically impossible to patch the flaw as it stems from the microarchitecture of the processor. Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys Researchers have discovered… Continue reading GoFetch Vulnerability in Apple Silicon Uncovered

Fortinet RCE Vulnerability Affects FortiClient EMS Servers

Critical vulnerability CVE-2023-48788 in FortiClient EMS, potentially allow remote code execution without authentication.

Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential to allow remote attackers to execute arbitrary commands on administrative workstations. Fortinet SQLi Vulnerability Causes Remote Code Execution As I mentioned, the vulnerability is classified… Continue reading Fortinet RCE Vulnerability Affects FortiClient EMS Servers