Vulnerabilities

The regreSSHion Bug: An In-Depth Analysis of CVE-2024-6387 in OpenSSH

Introduction The discovery of CVE-2024-6387, known as the regreSSHion bug, marks a significant event in the cybersecurity landscape. This unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) affects glibc-based Linux systems, presenting a severe security risk. Notably, this bug allows full root access without user interaction, impacting OpenSSH versions from 8.5p1 up

ConnectWise ScreenConnect 23.9.8: CVE-2024-1709

On February 19, 2023, ConnectWise issued a security notification regarding two security flaws found within their ScreenConnect remote management software. The flaws identified were an authentication bypass rated at CVSS 10.0 and a path traversal rated at CVSS 8.4, neither of which had been assigned CVE IDs at that time. This article focuses on

Ivanti’s Zero-Day Vulnerabilities (CVE-2024-21887 and CVE-2023-46805)

Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS), formerly known as Pulse Connect Secure, are virtual private network (VPN) tools that businesses rely on to enable secure remote access. However, two newly disclosed zero-day vulnerabilities now pose a dangerous threat that could completely compromise these critical gateways.

CVE-2023-4863: A Comprehensive Guide

CVE-2023-4863 refers to a critical heap buffer overflow vulnerability found in the libwebp package, widely used for encoding and decoding WebP images. This vulnerability enables a program to write data beyond the allocated boundaries in a buffer on the heap, potentially leading to unauthorized system access or control.

Juniper Firewall Vulnerabilities: CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847

Juniper Networks firewalls are a common sight in enterprise networks worldwide. However, the convenience of their J-Web management interface also introduces security risks if improperly configured. This was recently highlighted by Juniper’s disclosure of four critical J-Web vulnerabilities that can chain together to allow remote code execution. The flaws impact both EX series switches

Microsoft Patch 73 CVEs in August 2023 (CVE-2023-38180)

Microsoft released its monthly Patch Tuesday security updates for August 2023, addressing a total of 73 vulnerabilities across a wide range of products. The updates provide fixes for vulnerabilities rated as critical and important in severity that could lead to remote code execution, elevation of privilege, information disclosure, denial of service and other impacts

Responding to Critical Vulnerabilities in FortiOS SSL VPN (CVE-2023-27997)

A severe vulnerability recently disclosed in Fortinet’s FortiOS SSL VPN product enables unauthenticated remote code execution, allowing hackers to bypass authentication and gain full system control. With a critical CVSS score of 10, all organizations using affected versions of FortiOS SSL VPN should take prompt action to detect vulnerable systems and mitigate risks. This

Responding to Critical Vulnerabilities in Ivanti Endpoint Manager Mobile (CVE-2023-35078)

Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, was recently revealed to contain three high-severity vulnerabilities—CVE-2023-35078, CVE-2023-35081, and CVE-2023-35082. These flaws enable threat actors to gain unauthorized access, escalate privileges, and write arbitrary files in EPMM environments. According to cybersecurity agencies, these vulnerabilities are being actively exploited to compromise systems. Any organization using vulnerable