Author: DEFENDEDGE

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38189 Microsoft Project Remote Code Execution Vulnerability CVE-2024-38178 Microsoft Windows Scripting Engine Memory Corruption Vulnerability CVE-2024-38213 Microsoft Windows SmartScreen Security Feature Bypass Vulnerability CVE-2024-38193 Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability CVE-2024-38106 Microsoft Windows Kernel Privilege Escalation Vulnerability CVE-2024-38107 Microsoft Windows… Read more

CISA released ten Industrial Control Systems (ICS) advisories on August 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-226-01 AVEVA SuiteLink Server ICSA-24-226-02 Rockwell Automation AADvance Standalone OPC-DA Server ICSA-24-226-03 Rockwell Automation GuardLogix/ControlLogix 5580 Controller  ICSA-24-226-04 Rockwell Automation Pavilion8 ICSA-24-226-05 Rockwell Automation DataMosaix Private Cloud ICSA-24-226-06 Rockwell… Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info 10web–Slider by 10Web Responsive Image Slider  The Slider by 10Web – Responsive Image Slider plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.2.57 due to insufficient escaping on the user… Read more

In recent incidents, CISA has seen malicious cyber actors acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature. CISA recommends organizations disable Smart Install and review NSA’s Smart Install Protocol Misuse advisory and Network Infrastructure Security Guide for configuration guidance.  CISA also continues… Read more

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released an update to joint Cybersecurity Advisory #StopRansomware: Royal Ransomware, #StopRansomware: BlackSuit (Royal) Ransomware. The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit and legacy Royal activity. FBI investigations identified these… Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info Apache Software Foundation–Apache SeaTunnel Web  Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. This issue… Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 202ecommerce–paypal  In the module “PayPal Official” for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during… Read more

Summary The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju: U.S. Cyber National Mission Force (CNMF) U.S. Cybersecurity and Infrastructure Security Agency… Read more

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.  CISA encourages users and administrators to review the following advisories and apply the necessary updates:  CVE-2024-4076: Assertion failure… Read more