π΄ Leveraging Behavioral Analysis to Catch Living-Off-the-Land Attacks π΄
π Read
via "Dark Reading".
Attackers are increasingly staying under the radar by using your own tools against you. Only behavioral AI can catch these stealthy attacks.π Read
via "Dark Reading".
Dark Reading
Leveraging Behavioral Analysis to Catch Living-Off-the-Land Attacks
Attackers are increasingly staying under the radar by using your own tools against you. Only behavioral AI can catch these stealthy attacks.
βΌ CVE-2023-21465 βΌ
π Read
via "National Vulnerability Database".
Improper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local files.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21457 βΌ
π Read
via "National Vulnerability Database".
Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21462 βΌ
π Read
via "National Vulnerability Database".
The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21463 βΌ
π Read
via "National Vulnerability Database".
Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0598 βΌ
π Read
via "National Vulnerability Database".
GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an attacker to insert malicious configuration files in the expected web server execution path and gain full control of the HMI software.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43604 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists in the GetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out-of-bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21461 βΌ
π Read
via "National Vulnerability Database".
Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1390 βΌ
π Read
via "National Vulnerability Database".
A remote denial of service vulnerability was found in the Linux kernelΓ’β¬β’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22882 βΌ
π Read
via "National Vulnerability Database".
Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21454 βΌ
π Read
via "National Vulnerability Database".
Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43606 βΌ
π Read
via "National Vulnerability Database".
A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22881 βΌ
π Read
via "National Vulnerability Database".
Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22883 βΌ
π Read
via "National Vulnerability Database".
Zoom Client for IT Admin Windows installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to the SYSTEM user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21449 βΌ
π Read
via "National Vulnerability Database".
Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21452 βΌ
π Read
via "National Vulnerability Database".
Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28113 βΌ
π Read
via "National Vulnerability Database".
russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those of a russh peer with some other misbehaving peer are most likely to be problematic. These may vulnerable to eavesdropping. Most other implementations reject such keys, so this is mainly an interoperability issue in such a case. This issue is fixed in versions 0.36.2 and 0.37.1π Read
via "National Vulnerability Database".
βΌ CVE-2023-21464 βΌ
π Read
via "National Vulnerability Database".
Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21460 βΌ
π Read
via "National Vulnerability Database".
Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43605 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23935 βΌ
π Read
via "National Vulnerability Database".
Discourse is an open-source messaging platform. In versions 3.0.1 and prior on the `stable` branch and versions 3.1.0.beta2 and prior on the `beta` and `tests-passed` branches, the count of personal messages displayed for a tag is a count of all personal messages regardless of whether the personal message is visible to a given user. As a result, any users can technically poll a sensitive tag to determine if a new personal message is created even if the user does not have access to the personal message. In the patched versions, the count of personal messages tagged with a given tag is hidden by default. To revert to the old behaviour of displaying the count of personal messages for a given tag, an admin may enable the `display_personal_messages_tag_counts` site setting.π Read
via "National Vulnerability Database".