SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
VOLUME 24ISSUE 11
The Consensus Security Vulnerability Alert
Internet Storm Center Spotlight
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Using ChatGPT to Deobfuscate Malicious Scripts
Published: 2024-03-13
Last Updated: 2024-03-13 08:26:17 UTC
by Xavier Mertens (Version: 1)
Today, most of the malicious scripts in the wild are heavily obfuscated. Obfuscation is key to slow down the security analyst's job and to bypass simple security controls. They are many techniques available. Most of the time, your trained eyes can spot them in a few seconds but it remains a pain to process manually. How to handle them? For some of them, you have tools like numbers-to-strings.py, developed by Didier, to convert classic encodings back to strings. Sometimes, you can write your own script (time consuming) or use a Cyberchef recipe. To speed up the analysis, why not ask some help to AI tools? Let's see a practical example with ChatGPT.
Yesterday, I found a malicious Python script ... with a low VirusTotal score of 2/61. When I had a look at it, it was obfuscated with the following techniques. All interesting strings were hex-encode, compressed and Base64-encoded ...
Read the full entry: https://isc.sans.edu/diary/Using+ChatGPT+to+Deobfuscate+Malicious+Scripts/30740/
Microsoft Patch Tuesday - March 2024
Published: 2024-03-12
Last Updated: 2024-03-12 17:53:50 UTC
by Johannes Ullrich (Version: 1)
This month's patches are oddly "light". We have patches for 60 vulnerabilities and 4 Chromium patches affecting Microsoft Edge. But only two of the vulnerabilities are rated as "Critical":
CVE-2024-21408: Windows Hyper-V Denial of Service Vulnerability
CVE-2024-21407: Windows Hyper-V Remote Code Execution Vulnerability
Oddly, Microsoft considers a DoS vulnerability "critical". However, a DoS against Hyper-V could have a significant impact, which may justify the rating. The code execution vulnerability justifies a rating of critical. However, exploitation requires an attacker to first gain a foothold inside a virtual machine.
Other vulnerabilities of interest:
CVE-2024-26198: A remote code execution vulnerability for Exchange Server. This is a DLL loading issue that is typically more difficult to exploit. Authentication is required to exploit the vulnerability.
Overall, this Patch Tuesday doesn't look too bad. Follow your normal patch management process. There is no need to get all worked up; tomorrow morning: Have some coffee, test... and later deploy once the tests are completed successfully.
Read the full entry: https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+March+2024/30736/
What happens when you accidentally leak your AWS API keys? [Guest Diary]
Published: 2024-03-10
Last Updated: 2024-03-11 01:12:57 UTC
by Guy Bruneau (Version: 1)
[This is a Guest Diary by Noah Pack, an ISC intern as part of the SANS.edu BACS program]
As a college freshman taking my first computer science class, I wanted to create a personal project that would test my abilities and maybe have some sort of return. I saw a video online of someone who created a python script that emailed colleges asking for free swag to be shipped to him. I liked the idea and adapted it. I created a script that emailed companies and asked for free swag, knowing that most conferences that year had been canceled due to the COVID-19 pandemic. I wrote my script, made a new email account for the script to use, created a list of ten companies it would email, and it worked flawlessly. To celebrate my achievement, I uploaded my code to GitHub. The next thing I knew, I was getting login attempts to the email address I set up for my script to use. I had hardcoded the email address and password into my code, and my computer science class didn’t teach us safe programming practices.
My situation had no ill consequences, but it could have if I had used my actual email for the script or if my project was bigger and I had used AWS or another cloud provider and hardcoded those credentials. In a later class I did learn how to safely pass credentials to my scripts without fear of leaking them on GitHub, but leaked credentials remained on my mind. This led me to the question “What happens when you leak your AWS API keys?”
In this article, I will share some research, resources, and real-world data related to leaked AWS API keys. I won’t get into scenarios where credentials are stored properly but stolen via a vulnerability, only where a developer or other AWS user hardcodes their credentials into a GitHub repository or a website.
Read the full entry: https://isc.sans.edu/diary/What+happens+when+you+accidentally+leak+your+AWS+API+keys+Guest+Diary/30730/1
Internet Storm Center Entries
MacOS Patches (and Safari, TVOS, VisionOS, WatchOS) (2024.03.08)
https://isc.sans.edu/diary/MacOS+Patches+and+Safari+TVOS+VisionOS+WatchOS/30726/
[Guest Diary] AWS Deployment Risks - Configuration and Credential File Targeting (2024.03.07)
Recent CVEs
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
CVE-2024-21899 - QNAP operating system versions are vulnerable to an authentication flaw that could be exploited by users to compromise network security.
Product: QNAP QTS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21899
ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8888
NVD References: https://www.qnap.com/en/security-advisory/qsa-24-09
CVE-2024-21334 - Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
Product: Microsoft Open Management Infrastructure (OMI)
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21334
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334
CVE-2024-21400 - Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
Product: Microsoft Azure Kubernetes Service
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21400
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21400
CVE-2024-21762 - Fortinet FortiOS Out-of-Bound Write Vulnerability
Product: Fortinet FortiOS
CVSS Score: 0
** KEV since 2024-02-09 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21762
ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8888
CVE-2024-23225 - iOS and iPadOS versions 16.7.6, 17.4, and iPadOS 17.4 are vulnerable to a memory corruption issue that allows attackers with arbitrary kernel read and write capability to bypass memory protections, as reported by Apple.
Product: Apple iPadOS
CVSS Score: 7.8
** KEV since 2024-03-06 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23225
NVD References:
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/kb/HT214083
- https://support.apple.com/kb/HT214084
- https://support.apple.com/kb/HT214085
- https://support.apple.com/kb/HT214086
- https://support.apple.com/kb/HT214087
- https://support.apple.com/kb/HT214088
CVE-2024-23296 - iOS 17.4 and iPadOS 17.4 may allow an attacker to bypass kernel memory protections.
Product: Apple iPadOS
CVSS Score: 7.8
** KEV since 2024-03-06 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23296
NVD References:
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/kb/HT214084
- https://support.apple.com/kb/HT214086
- https://support.apple.com/kb/HT214087
- https://support.apple.com/kb/HT214088
CVE-2024-26198 - Microsoft Exchange Server Remote Code Execution Vulnerability
Product: Microsoft Exchange Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26198
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26198
CVE-2024-21407 - Windows Hyper-V Remote Code Execution Vulnerability
Product: Microsoft Windows Hyper-VCVSS Score: 8.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21407ISC Diary: https://isc.sans.edu/diary/30736MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21407CVE-2024-21408 - Windows Hyper-V Denial of Service VulnerabilityProduct: Microsoft Windows Hyper-VCVSS Score: 5.5NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21408ISC Diary: https://isc.sans.edu/diary/30736MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21408CVE-2024-21431 - Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass VulnerabilityProduct: Microsoft HypervisorCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21431ISC Diary: https://isc.sans.edu/diary/30736MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21431CVE-2024-22252, CVE-2024-22253 - VMware ESXi, Workstation, and Fusion use-after-free vulnerabilitiesProduct: VMware ESXiCVSS Score: 9.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22252NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22253NVD References: https://www.vmware.com/security/advisories/VMSA-2024-0006.htmlNVD References: https://www.vmware.com/security/advisories/VMSA-2024-0006.htmlCVE-2024-2005 - Blue Planet® products through 22.12 are vulnerable to privilege escalation due to a misconfiguration in the SAML implementation.Product: Ciena Blue PlanetCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2005NVD References: https://www.ciena.com/product-securityCVE-2023-50716 - eProsima Fast DDS (formerly Fast RTPS) versions prior to 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7 allows a remote attacker to terminate the Fast-DDS process via an invalid DATA_FRAG Submessage causing a bad-free error.Product: eProsima Fast DDSCVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50716NVD References: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2hCVE-2024-24767 - CasaOS-UserService is vulnerable to password brute force attacks in versions prior to 0.4.7, allowing attackers to gain super user-level access to the server.Product: CasaOS-UserServiceCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24767NVD References: - https://github.com/IceWhaleTech/CasaOS-UserService/commit/62006f61b55951048dbace4ebd9e483274838699- https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7- https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c69x-5xmw-v44xCVE-2024-27302 - Go-zero is vulnerable to bypassing CORS policy by using strings.HasSuffix to check the origin, leading to potential data retrieval on behalf of other users.Product: Go-zeroCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27302NVD References: - https://github.com/zeromicro/go-zero/commit/d9d79e930dff6218a873f4f02115df61c38b15db- https://github.com/zeromicro/go-zero/security/advisories/GHSA-fgxv-gw55-r5fqCVE-2024-27304 - pgx is vulnerable to SQL injection when an attacker can cause a query or bind message to exceed 4 GB in size, but the issue is fixed in v4.18.2 and v5.5.4.Product: pgx PostgreSQL DriverCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27304NVD References: https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghvCVE-2024-2173 - Chromium: Out of bounds memory access in V8Product: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2173ISC Diary: https://isc.sans.edu/diary/30736MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2173NVD References: - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html- https://issues.chromium.org/issues/325893559CVE-2024-2174 - Chromium: Inappropriate implementation in V8Product: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2174ISC Diary: https://isc.sans.edu/diary/30736MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2174NVD References: - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html- https://issues.chromium.org/issues/325866363CVE-2024-2176 - Chromium: Use after free in FedCMProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2176ISC Diary: https://isc.sans.edu/diary/30736MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2176NVD References: - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html- https://issues.chromium.org/issues/325936438CVE-2024-27307 - JSONata is a JSON query and transformation language with a vulnerability that allows for remote code execution prior to versions 1.8.7 and 2.0.4, which has been fixed in the latest versions.Product: JSONataCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27307NVD References: https://github.com/jsonata-js/jsonata/security/advisories/GHSA-fqg8-vfv7-8fj8CVE-2024-28222 - Veritas NetBackup and NetBackup Appliance are prone to file path validation fai…
CVE-2024-21431 - Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Product: Microsoft Hypervisor
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21431
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21431
CVE-2024-22252, CVE-2024-22253 - VMware ESXi, Workstation, and Fusion use-after-free vulnerabilities
Product: VMware ESXi
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22252
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22253
NVD References: https://www.vmware.com/security/advisories/VMSA-2024-0006.html
NVD References: https://www.vmware.com/security/advisories/VMSA-2024-0006.html
CVE-2024-2005 - Blue Planet® products through 22.12 are vulnerable to privilege escalation due to a misconfiguration in the SAML implementation.
Product: Ciena Blue Planet
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2005
NVD References: https://www.ciena.com/product-security
CVE-2023-50716 - eProsima Fast DDS (formerly Fast RTPS) versions prior to 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7 allows a remote attacker to terminate the Fast-DDS process via an invalid DATA_FRAG Submessage causing a bad-free error.
Product: eProsima Fast DDS
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50716
NVD References: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2h
CVE-2024-24767 - CasaOS-UserService is vulnerable to password brute force attacks in versions prior to 0.4.7, allowing attackers to gain super user-level access to the server.
Product: CasaOS-UserService
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24767
NVD References:
- https://github.com/IceWhaleTech/CasaOS-UserService/commit/62006f61b55951048dbace4ebd9e483274838699
- https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7
- https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c69x-5xmw-v44x
CVE-2024-27302 - Go-zero is vulnerable to bypassing CORS policy by using strings.HasSuffix to check the origin, leading to potential data retrieval on behalf of other users.
Product: Go-zero
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27302
NVD References:
- https://github.com/zeromicro/go-zero/commit/d9d79e930dff6218a873f4f02115df61c38b15db
- https://github.com/zeromicro/go-zero/security/advisories/GHSA-fgxv-gw55-r5fq
CVE-2024-27304 - pgx is vulnerable to SQL injection when an attacker can cause a query or bind message to exceed 4 GB in size, but the issue is fixed in v4.18.2 and v5.5.4.
Product: pgx PostgreSQL Driver
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27304
NVD References: https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
CVE-2024-2173 - Chromium: Out of bounds memory access in V8
Product: Google Chrome
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2173
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2173
NVD References:
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/325893559
CVE-2024-2174 - Chromium: Inappropriate implementation in V8
Product: Google Chrome
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2174
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2174
NVD References:
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/325866363
CVE-2024-2176 - Chromium: Use after free in FedCM
Product: Google Chrome
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2176
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2176
NVD References:
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/325936438
CVE-2024-27307 - JSONata is a JSON query and transformation language with a vulnerability that allows for remote code execution prior to versions 1.8.7 and 2.0.4, which has been fixed in the latest versions.
Product: JSONata
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27307
NVD References: https://github.com/jsonata-js/jsonata/security/advisories/GHSA-fqg8-vfv7-8fj8
CVE-2024-28222 - Veritas NetBackup and NetBackup Appliance are prone to file path validation failure, allowing unauthenticated attackers to upload and execute custom files.
Product: Veritas NetBackup
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28222
NVD References: https://www.veritas.com/content/support/en_US/security/VTS23-010
CVE-2023-42662 - JFrog Artifactory versions 7.59 and above are vulnerable to exposure of user access tokens through specially crafted URLs.
Product: JFrog Artifactory
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-42662
NVD References: https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
CVE-2024-2184 - Satera MF740C Series/Satera MF640C Series/Satera LBP660C Series/Satera LBP620C Series firmware v12.07 and earlier, and Satera MF750C Series/Satera LBP670C Series firmware v03.09 and earlier may be vulnerable to a buffer overflow in the identifier field of WSD probe request process, allowing an attacker on the network segment to trigger unresponsiveness or execute arbitrary code.
Product: Canon Small Office Multifunction Printers and Laser Printers
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2184
NVD References: https://psirt.canon/advisory-information/cp2024-002/
CVE-2024-2370 - ManageEngine Desktop Central version 9, build 90055 is vulnerable to unrestricted file upload, permitting remote attackers to upload malicious files without authentication.
Product: ManageEngine Desktop Central
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2370
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-manageengine-desktop-central
CVE-2023-49785 - NextChat, a cross-platform chat user interface for ChatGPT, is vulnerable to server-side request forgery and cross-site scripting, allowing attackers to gain unauthorized access to internal HTTP endpoints and mask their source IP.
Product: OpenAI NextChat
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49785
NVD References:
- https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web
- https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/
CVE-2024-22127 - SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload files and execute commands, impacting confidentiality, integrity, and availability.
Product: SAP NetWeaver Administrator
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22127
NVD References:
- https://me.sap.com/notes/3433192
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364
CVE-2024-25995 - Product X is vulnerable to unauthenticated remote attackers being able to modify configurations for a remote code execution due to a critical function lacking authentication.
Product: Schneider Electric Modicon M221
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25995
NVD References: https://cert.vde.com/en/advisories/VDE-2024-011
CVE-2022-32257 - SINEMA Remote Connect Server (All versions < V3.2) lacks proper access control on some endpoints, allowing for unauthorized access and potential code execution.
Product: Siemens SINEMA Remote Connect Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-32257
NVD References: https://cert-portal.siemens.com/productcert/html/ssa-576771.html
CVE-2024-22039 - Cerberus PRO EN Engineering Tool, Cerberus PRO EN Fire Panel FC72x, Cerberus PRO EN X200 Cloud Distribution, Cerberus PRO EN X300 Cloud Distribution, Sinteso FS20 EN Engineering Tool, Sinteso FS20 EN Fire Panel FC20, Sinteso FS20 EN X200 Cloud Distribution, Sinteso FS20 EN X300 Cloud Distribution, and Sinteso Mobile are vulnerable to a stack-based buffer overflow due to a lack of validation in the network communication library, potentially allowing remote attackers to execute code with root privileges.
Product: Siemens Cerberus PRO EN Engineering Tool
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22039
NVD References: https://cert-portal.siemens.com/productcert/html/ssa-225840.html
CVE-2023-42789 - Fortinet FortiOS and FortiProxy are vulnerable to an out-of-bounds write, allowing attackers to execute unauthorized code or commands via specially crafted HTTP requests.
Product: Fortinet FortiOS and FortiProxy
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-42789
NVD References: https://fortiguard.com/psirt/FG-IR-23-328
CVE-2023-47534 - Fortinet FortiClientEMS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.8 improperly neutralize formula elements in csv files, enabling attackers to execute unauthorized code or commands through crafted packets.
Product: Fortinet FortiClientEMS
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-47534
NVD References: https://fortiguard.com/psirt/FG-IR-23-390
CVE-2023-48788 - Fortinet FortiClientEMS versions 7.0.1 through 7.2.2 are vulnerable to SQL injection, allowing attackers to execute unauthorized code or commands through specially crafted packets.
Product: Fortinet FortiClientEMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48788
NVD References: https://fortiguard.com/psirt/FG-IR-23-430
CVE-2024-1301 - Badger Meter Monitool versions 4.6.3 and earlier are vulnerable to SQL injection, allowing a remote attacker to extract data from the database by sending a malicious SQL query via the j_username parameter.
Product: Badger Meter Monitool
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-1301
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-badger-meters-monitool
CVE-2024-1527 - CMS Made Simple version 2.2.14 is susceptible to an unrestricted file upload vulnerability, enabling authenticated users to bypass security measures and potentially execute remote commands via webshell.
Product: CMS Made Simple
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-1527
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cms-made-simple
CVE-2024-21330 - Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
Product: Microsoft Open Management Infrastructure (OMI)
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21330
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21330
CVE-2024-21390 - Microsoft Authenticator Elevation of Privilege Vulnerability
Product: Microsoft Authenticator
CVSS Score: 7.1 AtRiskScore 30
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21390
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21390
CVE-2024-21392 - .NET and Visual Studio Denial of Service Vulnerability
Product: Microsoft .NET and Visual Studio
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21392
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21392
CVE-2024-21411 - Skype for Consumer Remote Code Execution Vulnerability
Product: Skype for Consumer
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21411
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21411
CVE-2024-21418 - Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
Product: Microsoft SONiC
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21418
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418
CVE-2024-21419 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Product: Microsoft Dynamics 365
CVSS Score: 7.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21419
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21419
CVE-2024-21421 - Azure SDK Spoofing Vulnerability
Product: Azure SDK
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21421
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21421
CVE-2024-21426 - Microsoft SharePoint Server Remote Code Execution Vulnerability
Product: Microsoft SharePoint Server
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21426
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21426
CVE-2024-21427 - Windows Kerberos Security Feature Bypass Vulnerability
Product: Microsoft Windows
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21427
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21427
CVE-2024-21432 - Windows Update Stack Elevation of Privilege Vulnerability
Product: Microsoft Windows Update Stack
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21432
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21432
CVE-2024-21433 - Windows Print Spooler Elevation of Privilege Vulnerability
Product: Microsoft Windows Print Spooler
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21433
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21433
CVE-2024-21434 - Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
Product: Microsoft Windows SCSI Class System File
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21434
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21434
CVE-2024-21435 - Windows OLE Remote Code Execution Vulnerability
Product: Microsoft Windows
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21435
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21435
CVE-2024-21436 - Windows Installer Elevation of Privilege Vulnerability
Product: Microsoft Windows Installer
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21436
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21436
CVE-2024-21437 - Windows Graphics Component Elevation of Privilege Vulnerability
Product: Microsoft Windows Graphics Component
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21437
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21437
CVE-2024-21438 - Microsoft AllJoyn API Denial of Service Vulnerability
Product: Microsoft AllJoyn API
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21438
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21438
CVE-2024-21439 - Windows Telephony Server Elevation of Privilege Vulnerability
Product: Microsoft Windows Telephony Server
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21439
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21439
CVE-2024-21440 - Microsoft ODBC Driver Remote Code Execution Vulnerability
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21440
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21440
CVE-2024-21441 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21441
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21441
CVE-2024-21442 - Windows USB Print Driver Elevation of Privilege Vulnerability
Product: Windows USB Print Driver
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21442
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21442
CVE-2024-21444 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21444
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21444
CVE-2024-21445 - Windows USB Print Driver Elevation of Privilege Vulnerability
Product: Windows USB Print Driver
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21445
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21445
CVE-2024-21446 - NTFS Elevation of Privilege Vulnerability
Product: Microsoft NTFS
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21446
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21446
CVE-2024-21450 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21450
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21450
CVE-2024-21451 - Microsoft ODBC Driver Remote Code Execution Vulnerability
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21451
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21451
CVE-2024-26159 - Microsoft ODBC Driver Remote Code Execution Vulnerability
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26159
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26159
CVE-2024-26161 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26161
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26161
CVE-2024-26162 - Microsoft ODBC Driver Remote Code Execution Vulnerability
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26162
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26162
CVE-2024-26164 - Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability
Product: Microsoft Django Backend
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26164
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26164
CVE-2024-26165 - Visual Studio Code Elevation of Privilege Vulnerability
Product: Microsoft Visual Studio Code
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26165
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26165
CVE-2024-26166 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26166
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26166
CVE-2024-26169 - Windows Error Reporting Service Elevation of Privilege Vulnerability
Product: Microsoft Windows Error Reporting Service
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26169
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169
CVE-2024-26170 - Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability
Product: Microsoft Windows Composite Image File System (CimFS)
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26170
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26170
CVE-2024-21443, CVE-2024-26173, CVE-2024-26176, CVE-2024-26178, CVE-2024-26182 - Windows Kernel Elevation of Privilege Vulnerabilities
Product: Microsoft Windows Kernel
CVSS Score: 7.3 -7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21443
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26173
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26176
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26178
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26182
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21443
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26173
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26176
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26178
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26182
CVE-2024-26190 - Microsoft QUIC Denial of Service Vulnerability
Product: Microsoft QUIC
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26190
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190
CVE-2024-26199 - Microsoft Office Elevation of Privilege Vulnerability
Product: Microsoft Office
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26199
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26199
CVE-2024-26203 - Azure Data Studio Elevation of Privilege Vulnerability
Product: Microsoft Azure Data Studio
CVSS Score: 7.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26203
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26203
CVE-2024-26204 - Outlook for Android Information Disclosure Vulnerability
Product: Microsoft Outlook for Android
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26204
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26204
CVE-2024-2413 - Intumit SmartRobot is vulnerable to remote attackers using a fixed encryption key for authentication, allowing them to obtain administrator privileges and execute arbitrary code on the remote server.
Product: Intumit SmartRobot
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2413
NVD References: https://www.twcert.org.tw/tw/cp-132-7697-ecf10-1.html
CVE-2023-28746 - Intel: Register File Data Sampling (RFDS)
Product: Register File Data Sampling (RFDS)
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28746
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28746
Sponsors
Palo Alto Networks
2024 SANS State of Security Automation Survey | We would like to understand what drives automation in security teams, the role of automation in facilitating collaboration, and the ongoing challenges of automating security operations. Complete this survey for a chance to win a $250 Amazon gift card!
Zscaler
Buyers Guide: How to Secure Egress Traffic from Workloads in the Public Cloud | Tune in with Dave Shackleford will explore the inherent challenges associated with legacy cloud workload security, and highlight seven critical capabilities to securing egress traffic from workloads in the public cloud. Register now:
Palo Alto Networks
2024 SANS State of Security Automation Survey | We would like to understand what drives automation in security teams, the role of automation in facilitating collaboration, and the ongoing challenges of automating security operations. Complete this survey for a chance to win a $250 Amazon gift card!
Elastic
Shining a Light in the Dark: Observability and Security on March 21 | Join Matt Bromiley and Elastic’s Security and Observability experts Gagan Singh and Jennifer Ellard to discover how a convergence between security and observability empowers your teams. Save your seat today: