SecPod Community Forums Cyber Bulletin Key Vulnerabilities and Threats Up to September 15th

  • This topic has 0 replies, 1 voice, and was last updated by Shreya.
Viewing 0 reply threads
  • Author
    Posts
    • #5997
      Shreya
      Participant

        Windows MSHTML Zero-Day Vulnerability 
        The Windows MSHTML platform spoofing vulnerability, CVE-2024-43461, which affects all supported Windows versions, is exploited in the wild. CVSS Score: 8.8

        Cisco Web-Based Management Interface Vulnerability 
        The flaw tracked as CVE-2024-20381 allows authenticated remote attackers to modify the configuration of affected devices and escalate privileges. CVSS Score: 8.8

        Citrix Workspace App Vulnerabilities 
        Citrix has released security updates to address two critical vulnerabilities, tracked as CVE-2024-7889 and CVE-2024-7890, affecting the Citrix Workspace app for Windows. CVSS Scores: 7.2, 5.4

        Palo Alto Networks PAN-OS Command Injection Vulnerability 
        Palo Alto Networks detected a high-severity command injection vulnerability (CVE-2024-8686) in its PAN-OS software that could allow authenticated admins to bypass system restrictions. CVSS Score: 7.2

        SolarWinds ARM Vulnerability 
        The vulnerabilities, CVE-2024-28990 and CVE-2024-28991, allow attackers to bypass authentication and execute remote code, posing significant security risks. CVSS Scores: 6.3, 9.0

    Viewing 0 reply threads
    • You must be logged in to reply to this topic.