Weekly Threat & Vulnerabilities Report

Report
May 31, 2024
Jason Franscisco

CVE-2024-4978
Embedded Malicious Code vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Justice AV Solutions (JAVS) Viewer software
CVSS Score
8.4
EPSS Score
0.02833
CVE-2024-5274
Type confusion vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Google Chrome
Exploited-in-Wild
CVSS Score
8.8
EPSS Score
0.00299
CVE-2024-24919
Information disclosure vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Check Point Quantum Security Gateways
CVSS Score
8.6
EPSS Score
0.94504
CVE-2024-1086
Use-after-free vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Linux Kernel
CVSS Score
7.8
EPSS Score
0.00969
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors was analyzed and processed to derive insights into what is actively being exploited and what is actively being scanned. As a source of truth, source IPv4 addresses and payloads can be provided on a need-to-know basis.
CVE-2023-4415
CISA-KEV
High

Improper Authentication vulnerability in Ruijie RG-EW1200G 07161417 r483

Affected Products
Ruijie RG-EW1200G 07161417 r483
Exploited-in-Wild

False

CVE-2023-38646
CISA-KEV
Critical

Remote code execution vulnerability in Metabase open source and Metabase Enterprise

Affected Products
Metabase open source/Enterprise
CVE-2023-31192
CISA-KEV
Medium

Information Disclosure vulnerability in the ClientConnect() functionality of SoftEther VPN

Affected Products
SoftEther VPN
Exploited-in-Wild

False

CVE-2023-26801
CISA-KEV
Critical

Command injection vulnerability in LB-LINK devices.

Affected Products
LB-LINK
Exploited-in-Wild
CVE-2023-1389
CISA-KEV
High

Command Injection Vulnerability in TP-Link Archer AX-21

Affected Products
TP-Link Archer AX-21
Exploited-in-Wild
CVE-2022-41040
CISA-KEV
High

Server-Side Request Forgery Vulnerability in Microsoft Exchange Server

Affected Products
Microsoft Exchange Server
Exploited-in-Wild
CVE-2022-30023
CISA-KEV
High

Command injection vulnerability via the Ping function in Tenda Products

Affected Products
Tenda Devices
Exploited-in-Wild
CVE-2022-34045
CISA-KEV
Critical

Hardcoded encryption/decryption key vulnerability in Wavlink

Affected Products
Wavlink Devices
Exploited-in-Wild

False

CVE-2022-30489
CISA-KEV
Medium

Cross-site scripting vulnerability in Wavlink Devices

Affected Products
Wavlink Devices
Exploited-in-Wild

False

CVE-2022-25168
CISA-KEV
Critical

Command injection vulnerability in Hadoop

Affected Products
Apache Hadoop
Exploited-in-Wild

False

Vulnerabilities abused by Botnet
This section identifies vulnerabilities exploited by botnets, including recent CVEs logged in the Malware Information Sharing Platform (MISP). It presents the top 5 CVEs with payloads suggestive of botnet activity, such as the use of wget with IP addresses.

An unauthenticated command injection vulnerability found in the TP-Link Archer AX21 WiFi router.

Command injection vulnerability in LB-LINK

Affected Product
LB-LINK Devices
Abused by Botnet

Improper protocol access control vulnerability in Eir D1000 modem

Affected Product
Eir D1000 modem
Abused by Botnet

Remote code execution vulnerability in Huawei HG532 router

Affected Product
Huawei HG532
Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities that are targeted by adversaries. Each vulnerability is manually studied and mapped to MITRE ATT&CK tactics and techniques. The information is derived from our vulnerability intelligence platform, which collects and curates information from various sources such as Twitter, Telegram, OSINT groups, blogs, data leak sites and more.

Embedded Malicious Code vulnerability in Justice AV Solutions Viewer Setup 8.3.7.250-1

PRE-NVD observed for this week
PRE-NVD refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media, currently tracking over 100 security alerts and planning to expand.
CVE-2024-1868
Local Privilege Escalation
Affected Product
G DATA Total Security
CVE-2023-26322
Remote Code Execution
Affected Product
Xiaomi Pro 13
Reference
CVE-2023-50738
Remote Code Execution
Affected Product
Lexmark CX331adwe