Weekly Threat & Vulnerabilities Report

Report
June 14, 2024
Jason Franscisco

CVE-2024-4610
Privilege Escalation
CISA-KEV
OSS
Zero Day
Medium
Affected Product
ARM Mali GPU Kernel Driver
CVSS Score
7.8
EPSS Score
0.21262
CVE-2024-4577
Security Feature Bypass
CISA-KEV
OSS
Zero Day
Critical
Affected Product
PHP-CGI
CVSS Score
9.8
EPSS Score
0.93199
CVE-2024-32896
Privilege Escalation
CISA-KEV
OSS
Zero Day
High
Affected Product
Google Pixel Firmware
CVSS Score
0
EPSS Score
0.00154
CVE-2024-4358
Authentication bypass
CISA-KEV
OSS
Zero Day
Critical
Affected Product
Telerik Report Server
CVSS Score
9.8
EPSS Score
0.05027
CVE-2024-26169
Improper Privilege Management
CISA-KEV
OSS
Zero Day
High
Affected Product
Windows Error Reporting Service
CVSS Score
7.8
EPSS Score
0.0004
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors was analyzed and processed to derive insights into what is actively being exploited and actively being scanned. As the source of truth, source IPv4 addresses and payloads can be provided on a need-to-know basis.
CVE-2024-4577
CISA-KEV
Critical
Affected Products
PHP-CGI
CVE-2024-1709
CISA-KEV
Critical

Authentication Bypass Vulnerability in ConnectWise ScreenConnect.

Affected Products
ConnectWise ScreenConnect
Exploited-in-Wild
CVE-2023-38646
CISA-KEV
Critical

Remote code execution vulnerability in Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1.

Affected Products
Metabase open source/Enterprise
CVE-2023-26801
CISA-KEV
Critical

Command injection vulnerability in LB-LINK devices.

Affected Products
LB-LINK
Exploited-in-Wild
CVE-2023-1389
CISA-KEV
High

An unauthenticated command injection vulnerability found in the TP-Link Archer AX21 WiFi router.

Affected Products
TP-Link Archer AX21
Exploited-in-Wild
CVE-2022-30023
CISA-KEV
High

Command injection vulnerability via the Ping function in Tenda Products.

Affected Products
Tenda Devices
Exploited-in-Wild
Vulnerabilities Abused by Botnet
Vulnerabilities identified as exploited by botnets, including recent CVEs logged in the Malware Information Sharing Platform (MISP). The top 5 CVEs are presented, with payloads suggestive of botnet activity, such as the use of wget with IP addresses.

An unauthenticated command injection vulnerability found in the TP-Link Archer AX21 WiFi router.

Remote code execution vulnerability in Huawei HG532 router.

Improper protocol access control vulnerability in Eir D1000 modem.

Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities that are targeted by adversaries. Each vulnerability is studied manually and mapped to MITRE ATT&CK tactics and techniques. The information is derived from our vulnerability intelligence platform, which collects and curates information from various sources such as Twitter, Telegram, OSINT groups, blogs, data leak sites and more.

Elevation of privilege vulnerability in the Windows Error Reporting Service.

Remote code execution (RCE) vulnerability in Apache RocketMQ.

Remote code execution (RCE) vulnerability in the ThinkPHP framework.

Patch

Targeted by Malware

Remote code execution (RCE) vulnerability in the ThinkPHP framework.

Patch

Targeted by Malware
PRE-NVD Observed for This Week
PRE-NVD refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media; it currently tracks over 100 security alerts and plans to expand.
CVE-2024-22512
Remote code execution
Affected Product
Allegra versions lower than 7.5.1
CVE-2024-30419
Denial of service
Affected Product
python-idna-3.7-1.fc39
CVE-2024-30420
Server-side request forgery
Affected Product
a-blog cms versions earlier than Ver.3.1.12
CVE-2024-36041
Broken Authentication and Session Management
Affected Product
plasma-workspace package
CVE-2024-5719
Command Injection
Affected Product
Unified SecOps Platform