Aggregator

A vulnerability, which was classified as problematic, has been found in Microsoft Windows up to Server 2012. This issue affects the function AhcVerifyAdminContext of the file AppCompatCache.exe of the component Application Compatibility Cache. The manipulation leads to improper access controls (Permission). The identification of this vulnerability is CVE-2015-0002. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2023-45727 North Grid Proself Improper Restriction of XML External Entity (XEE) Reference Vulnerability
• CVE-2024-11680 ProjectSend Improper Authentication Vulnerability
• CVE-2024-11667 Zyxel Multiple Firewalls Path Traversal Vulnerability

Users and administrators are also encouraged to review the Palo Alto Threat Brief: Operation Lunar Peek related to CVE-2024-0012, the Palo Alto Security Bulletin for CVE-2024-0012, and the Palo Alto Security Bulletin for CVE-2024-9474 for additional information. 

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Today, CISA—in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners—released joint guidance, Enhanced Visibility and Hardening Guidance for Communications Infrastructure. Partners of this guidance include:

•  Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC)
•  Canadian Centre for Cyber Security (CCCS)
• New Zealand’s National Cyber Security Centre (NCSC-NZ)

This guidance was crafted in response to a People’s Republic of China (PRC)-affiliated threat actor’s compromise of "networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign." The compromise of private communications impacted a limited number of individuals who are primarily involved in government or political activity.

CISA and partners encourage network defenders and engineers of communications infrastructure, and other critical infrastructure organizations with on-premises enterprise equipment, to review and apply the provided best practices, including patching vulnerable devices and services, to reduce opportunities for intrusion. For more information on PRC state-sponsored threat actor activity, see CISA’s People's Republic of China Cyber Threat. For more information on secure by design principles, see CISA’s Secure by Design webpage. Customers should refer to CISA’s Secure by Demand guidance for additional product security considerations.

CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-24-338-01 Ruijie Reyee OS
• ICSA-24-338-02 Siemens RUGGEDCOM APE1808
• ICSA-24-338-03 Open Automation Software
• ICSA-24-338-04 ICONICS and Mitsubishi Electric GENESIS64 Products
• ICSA-24-338-05 Fuji Electric Monitouch V-SFT
• ICSA-24-338-06 Fuji Electric Tellus Lite V-Simulator
• ICSA-22-307-01 ETIC Telecom Remote Access Server (RAS) (Update B)
• ICSA-24-184-03 ICONICS and Mitsubishi Electric Products (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

2024 年，把 AI 硬件卖到全球第一是一种什么体验？

敢想，敢干！创新大会 2025 嘉宾全阵容官宣！

只需几分钟，AWS密钥泄露即被利用

Push Security unveiled verified stolen credentials detection capability, a new feature designed to reshape how security teams combat identity threats. By analyzing threat intelligence (TI) on stolen credentials and comparing it against active credentials in customer environments, the Push platform eliminates false positives, delivering only actionable alerts to help organizations protect compromised workforce identities. This paradigm shift promises to drastically reduce the noise security teams face, empowering them to act swiftly on verified threats without … More →

The post Push Security introduces verified stolen credentials detection capability appeared first on Help Net Security.

A vulnerability was found in censura 1.16.04. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file censura.php. The manipulation of the argument itemid leads to sql injection. This vulnerability is known as CVE-2009-2593. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in censura 1.16.04. It has been rated as problematic. Affected by this issue is some unknown functionality of the file censura.php. The manipulation of the argument itemid leads to cross site scripting. This vulnerability is handled as CVE-2009-2594. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Ebayclonescript Ebay Clone 2009. It has been declared as critical. This vulnerability affects unknown code of the file feedback.php. The manipulation of the argument item_id leads to sql injection. This vulnerability was named CVE-2009-3712. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Opial 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file register.php of the component File Upload. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2009-3753. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Tandberg Tandberg Mxp Endpoints F7.0 and classified as very critical. Affected by this vulnerability is an unknown functionality of the component FTP Service. The manipulation leads to memory corruption. This vulnerability is known as CVE-2009-3947. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in LionWiki 3.0.3. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to path traversal. The identification of this vulnerability is CVE-2009-3534. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in MorcegoCMS 0.9.6/1.1.0/1.5.0/1.7.6. It has been rated as critical. This issue affects some unknown processing of the file fichero.php. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2009-3713. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Opial 1.0. Affected is an unknown function of the file home.php. The manipulation of the argument genres_parent leads to cross site scripting. This vulnerability is traded as CVE-2009-3751. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Opial 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file home.php. The manipulation of the argument genres_parent leads to sql injection. This vulnerability is known as CVE-2009-3752. The attack can be launched remotely. Furthermore, there is an exploit available.

Сотни тысяч файлов включали данные о судимостях и собственниках недвижимости.

融合共生 新质网安｜2024科创西安·SSC网络安全大会圆满举办

A vulnerability classified as very critical has been found in AwingSoft Awakening Winds3d Viewer up to 3.0.0.5. This affects an unknown part of the file WindsPly.ocx of the component ActiveX Control. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2009-4588. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.