‼ CVE-2023-34391 ‼
📖 Read
via "National Vulnerability Database".
Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths.See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more details. This issue affects SEL-5033 AcSELerator RTAC Software: before 1.35.151.21000.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4681 ‼
📖 Read
via "National Vulnerability Database".
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4678 ‼
📖 Read
via "National Vulnerability Database".
Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-34392 ‼
📖 Read
via "National Vulnerability Database".
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31168 ‼
📖 Read
via "National Vulnerability Database".
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31175 ‼
📖 Read
via "National Vulnerability Database".
An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41744 ‼
📖 Read
via "National Vulnerability Database".
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS) before build 30600, Acronis Cyber Protect 15 (macOS) before build 35979.📖 Read
via "National Vulnerability Database".
🕴 Paramount, Forever 21 Data Breaches Set Stage for Follow-On Attacks 🕴
📖 Read
via "Dark Reading".
The Forever 21 breach alone affects a half-million people, who could be a mix of consumers and employees; Paramount is staying mum on who exactly is impacted.📖 Read
via "Dark Reading".
Dark Reading
Paramount, Forever 21 Data Breaches Set Stage for Follow-on Attacks
The Forever 21 breach alone affects a half-million people, who could be a mix of consumers and employees; Paramount is staying mum on who exactly is impacted.
🕴 Apple iPhone 14 Pro Offered Up to the Hacking Masses 🕴
📖 Read
via "Dark Reading".
Since launching in 2019, the Security Device Research Program has discovered 130 critical vulnerabilities; applications are now open for Apple's 2024 iteration.📖 Read
via "Dark Reading".
Dark Reading
Apple iPhone 14 Pro Offered Up to the Hacking Masses
Since launching in 2019, the Security Device Research Program has discovered 130 critical vulnerabilities; applications are now open for Apple's 2024 iteration.
❤1
🕴 UK Agrees to Support Kuwait's Cybersecurity Center 🕴
📖 Read
via "Dark Reading".
The UK has agreed to help the Kuwaitis meet their stated goal of information-sharing and achieving globally coordinated incident response going forward.📖 Read
via "Dark Reading".
Dark Reading
UK Agrees to Support Kuwait's Cybersecurity Center
The UK has agreed to help the Kuwaitis meet their stated goal of information-sharing and achieving globally coordinated incident response going forward.
🕴 Cybercriminals Team Up to Upgrade 'SapphireStealer' Malware 🕴
📖 Read
via "Dark Reading".
A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features.📖 Read
via "Dark Reading".
Dark Reading
Cybercriminals Team Up to Upgrade 'SapphireStealer' Malware
A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features.
‼ CVE-2023-41748 ‼
📖 Read
via "National Vulnerability Database".
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41045 ‼
📖 Read
via "National Vulnerability Database".
Graylog is a free and open log management platform. Graylog makes use of only one single source port for DNS queries. Graylog binds a single socket for outgoing DNS queries and while that socket is bound to a random port number it is never changed again. This goes against recommended practice since 2008, when Dan Kaminsky discovered how easy is to carry out DNS cache poisoning attacks. In order to prevent cache poisoning with spoofed DNS responses, it is necessary to maximise the uncertainty in the choice of a source port for a DNS query. Although unlikely in many setups, an external attacker could inject forged DNS responses into a Graylog's lookup table cache. In order to prevent this, it is at least recommendable to distribute the DNS queries through a pool of distinct sockets, each of them with a random source port and renew them periodically. This issue has been addressed in versions 5.0.9 and 5.1.3. Users are advised to upgrade. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41746 ‼
📖 Read
via "National Vulnerability Database".
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-40589 ‼
📖 Read
via "National Vulnerability Database".
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions there is a Global-Buffer-Overflow in the ncrush_decompress function. Feeding crafted input into this function can trigger the overflow which has only been shown to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41034 ‼
📖 Read
via "National Vulnerability Database".
Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser` and `DefaultDDFFileValidator` (and so `ObjectLoader`) are vulnerable to `XXE Attacks`. A DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if they parse untrusted DDF files (e.g. if they let external users provide their own model), in that case they MUST upgrade to fixed version. If you parse only trusted DDF file and validate only with trusted xml schema, upgrading is not mandatory. This issue has been fixed in versions 1.5.0 and 2.0.0-M13. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41044 ‼
📖 Read
via "National Vulnerability Database".
Graylog is a free and open log management platform. A partial path traversal vulnerability exists in Graylog's `Support Bundle` feature. The vulnerability is caused by incorrect user input validation in an HTTP API resource. Graylog's Support Bundle feature allows an attacker with valid Admin role credentials to download or delete files in sibling directories of the support bundle directory. The default `data_dir` in operating system packages (DEB, RPM) is set to `/var/lib/graylog-server`. The data directory for the Support Bundle feature is always `<data_dir>/support-bundle`. Due to the partial path traversal vulnerability, an attacker with valid Admin role credentials can read or delete files in directories that start with a `/var/lib/graylog-server/support-bundle` directory name. The vulnerability would allow the download or deletion of files in the following example directories: `/var/lib/graylog-server/support-bundle-test` and `/var/lib/graylog-server/support-bundlesdirectory`. For the Graylog Docker images, the `data_dir` is set to `/usr/share/graylog/data` by default. This vulnerability is fixed in Graylog version 5.1.3 and later. Users are advised to upgrade. Users unable to upgrade should block all HTTP requests to the following HTTP API endpoints by using a reverse proxy server in front of Graylog. `GET /api/system/debug/support/bundle/download/{filename}` and `DELETE /api/system/debug/support/bundle/{filename}`.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41745 ‼
📖 Read
via "National Vulnerability Database".
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41747 ‼
📖 Read
via "National Vulnerability Database".
Sensitive information disclosure due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40214 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
🕴 Insurance Costs Rise, Coverage Shrinks, But Policies Remain Essential 🕴
📖 Read
via "Dark Reading".
The number of companies that have used their cyber insurance policies multiple times rises, but policy coverage grows more expensive and less comprehensive.📖 Read
via "Dark Reading".
Dark Reading
Insurance Costs Rise, Coverage Shrinks, but Policies Remain Essential
The number of companies that have used their cyber insurance policies multiple times rises, but policy coverage grows more expensive and less comprehensive.