SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Struts "devmode": Still a problem ten years later?
Published: 2024-04-23
Last Updated: 2024-04-23 12:37:56 UTC
by Johannes Ullrich (Version: 1)
Like many similar frameworks and languages, Struts 2 has a "developer mode" (devmode) offering additional features to aid debugging. Error messages will be more verbose, and the devmode includes an OGNL console. OGNL, the Object-Graph Navigation Language, can interact with Java, but in the end, executing OGNL results in arbitrary code execution. This OGNL console resembles a "web shell" built into devmode.
No matter the language, and the exact features it provides, enabling a "devmode", "debug mode" or similar feature in production is never a good idea. But it probably surprises no one that it still shows up in publicly exposed sites every so often. Attackers know this as well, and are "playing" with it.
Read the full entry:
https://isc.sans.edu/diary/Struts+devmode+Still+a+problem+ten+years+later/30866/
It appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years
Published: 2024-04-22
Last Updated: 2024-04-22 10:21:17 UTC
by Jan Kopriva (Version: 1)
It has been nearly three years since we last looked at the number of industrial devices (or, rather, devices that communicate with common OT protocols, such as Modbus/TCP, BACnet, etc.) that are accessible from the internet. Back in May of 2021, I wrote a slightly optimistic diary mentioning that there were probably somewhere between 74.2 thousand (according to Censys) and 80.8 thousand (according to Shodan) such systems, and that based on long-term data from Shodan, it appeared as though there was a downward trend in the number of these systems.
Given that a few months ago, a series of incidents related to internet-exposed PLCs with default passwords was reported, and CISA has been releasing more ICS-related advisories than any other kind for a while now, I thought it might be a good time to go over the current numbers and see how the situation has changed over the past 35 months.
At first glance, the current number of ICS-like devices accessible from the internet would seem to be somewhere between 61.7 thousand (the number of "ICS" devices detected by Shadowserver) and 237.2 thousand (the number of "ICS" devices detected by Censys), with Shodan reporting an in-between number of 111.1 thousand. It should be noted though, that even if none of these services necessarily correctly detects all OT devices, the number reported by Censys seems to be significantly overinflated by the fact that the service uses a fairly wide definition of what constitutes an "ICS system" and classifies as such even devices that do not communicate using any of the common industrial protocols. If we do a search limited only to devices that use one of the most common protocols that Censys can detect (e.g., Modbus, Fox, EtherNet/IP, BACnet, etc.), we get a much more believable/comparable number of 106.2 thousand.
Read the full entry:
The CVE's They are A-Changing!
Published: 2024-04-17
Last Updated: 2024-04-19 18:12:04 UTC
by Rob VandenBrink (Version: 1)
The downloadable format of CVE's from MITRE will be changing in June 2024, so if you are using CVE downloads to populate your scanner, SIEM or to feed a SOC process, now would be a good time to look at that. If you are a vendor and use these downloads to populate your own feeds or product database, if you're not using the new format already you might be behind the eight ball!
The old format (CVE JSON 4.0) is being replaced by CVE JSON 5.0, full details can be found here ...
Read the full entry:
https://isc.sans.edu/diary/The+CVEs+They+are+AChanging/30850/
API Rug Pull - The NIST NVD Database and API (Part 4 of 3) (2024.04.24)
https://isc.sans.edu/diary/API+Rug+Pull+The+NIST+NVD+Database+and+API+Part+4+of+3/30868/
A Vuln is a Vuln, unless the CVE for it is after Feb 12, 2024 (2024.04.17)
https://isc.sans.edu/diary/A+Vuln+is+a+Vuln+unless+the+CVE+for+it+is+after+Feb+12+2024/30852/
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
Product: Palo Alto Networks PAN-OS
CVSS Score: 0
** KEV since 2024-04-12 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3400
ISC Podcast: https://isc.sans.edu/podcastdetail/8940
Product: Microsoft Windows_Server 2022
CVSS Score: 0
** KEV since 2024-04-23 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-38028
ISC Podcast: https://isc.sans.edu/podcastdetail/8952
Product: CrushFTP
CVSS Score: 9.8
** KEV since 2024-04-24 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4040
NVD References:
- https://github.com/airbus-cert/CVE-2024-4040
- https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/
- https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
- https://www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise/
- https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/
- https://www.reddit.com/r/cybersecurity/comments/1c850i2/all_versions_of_crush_ftp_are_vulnerable/
CVE-2024-3817 - HashiCorp's go-getter library is vulnerable to argument injection when executing Git command for remote branching, but it does not affect the go-getter/v2 branch and package.
Product: HashiCorp go-getter
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3817
ISC Podcast: https://isc.sans.edu/podcastdetail/8946
NVD References: https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040
CVE-2013-3900 - Microsoft WinVerifyTrust function Remote Code Execution
Product: Multiple versions of Microsoft Windows
CVSS Score: 0
** KEV since 2022-01-10 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2013-3900
ISC Diary: https://isc.sans.edu/diary/30868
CVE-2024-2389 - Flowmon is vulnerable to an operating system command injection flaw, allowing unauthenticated users to execute arbitrary commands via the management interface.
Product: Flowmon
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2389
ISC Podcast: https://isc.sans.edu/podcastdetail/8952
CVE-2024-3871 - The Delta Electronics DVW-W02W2-E2 devices are vulnerable to remote command execution with elevated privileges due to command injections and stack overflows in the web administration interface.
Product: Delta Electronics DVW-W02W2-E2
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3871
NVD References: https://onekey.com/
CVE-2024-32022, CVE-2024-32025 through CVE-2024-32027 - Kohya_ss multiple command injection vulnerabilities
Product: Kohya_ss
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32022
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32025
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32026
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32027
NVD References:
- https://github.com/bmaltais/kohya_ss/commit/831af8babeb75faff62bcc6a8c6a4f80354f1ff1
- https://github.com/bmaltais/kohya_ss/security/advisories/GHSA-m6jq-7j4v-2fg3
- https://github.com/bmaltais/kohya_ss/security/advisories/GHSA-qprv-9pg5-h33c
- https://github.com/bmaltais/kohya_ss/security/advisories/GHSA-v5cm-33w8-xrj6
- https://github.com/bmaltais/kohya_ss/security/advisories/GHSA-8h78-3vqm-xw83
- https://securitylab.github.com/advisories/GHSL-2024-019_GHSL-2024-024_kohya_ss
CVE-2024-20997, CVE-2024-21010, CVE-2024-21014 - Oracle Hospitality Simphony product has vulnerabilities allowing unauthenticated attackers to compromise and potentially take over the system.
Product: Oracle Oracle Hospitality Simphony
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20997
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21010
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21014
NVD References: https://www.oracle.com/security-alerts/cpuapr2024.html
CVE-2024-21071 - Oracle Workflow in Oracle E-Business Suite versions 12.2.3-12.2.13 is susceptible to an easily exploitable vulnerability that allows a high privileged attacker to compromise the system and potentially impact additional products.
Product: Oracle E-Business Suite
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21071
NVD References: https://www.oracle.com/security-alerts/cpuapr2024.html
CVE-2024-21082 - The Oracle BI Publisher product of Oracle Analytics (component: XML Services) has a critical vulnerability that can be exploited by an unauthenticated attacker with network access via HTTP to compromise and takeover Oracle BI Publisher.
Product: Oracle BI Publisher
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21082
NVD References: https://www.oracle.com/security-alerts/cpuapr2024.html
CVE-2024-32514 - WP Poll Maker allows unrestricted upload of files with dangerous types, posing a security risk for versions from n/a through 3.4.
Product: InfoTheme WP Poll Maker
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32514
NVD References: https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2023-39367 - Peplink Smart Reader v1.2.0 (in QEMU) is vulnerable to OS command injection through the mac2name functionality in its web interface, allowing attackers to execute arbitrary commands via a specially crafted HTTP request.
Product: Peplink Smart Reader
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39367
NVD References:
-
cve-2023-43491-cve-2023-45209-
Product: Deepak Anand WP Dummy Content Generator
CVSS Score: 10.0
Product: Judge0 open-source online code execution system
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28185
NVD References:
- https://github.com/judge0/judge0/blob/v1.13.0/app/jobs/isolate_job.rb#L197-L201
- https://github.com/judge0/judge0/commit/846d5839026161bb299b7a35fd3b2afb107992fc
- https://github.com/judge0/judge0/security/advisories/GHSA-h9g2-45c8-89cf
Product: Judge0 open-source online code execution system
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28189
NVD References:
- https://github.com/judge0/judge0/blob/v1.13.0/app/jobs/isolate_job.rb#L232
- https://github.com/judge0/judge0/commit/f3b8547b3b67863e4ea0ded3adcb963add56addd
- https://github.com/judge0/judge0/security/advisories/GHSA-3xpw-36v7-2cmg
- https://github.com/judge0/judge0/security/advisories/GHSA-h9g2-45c8-89cf
Product: Akana Community Manager Developer Portal
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2796
NVD References: https://portal.perforce.com/s/detail/a91PA000001STuXYAW
Product: Wazuh Manager
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32038
NVD References: https://github.com/wazuh/wazuh/security/advisories/GHSA-fcpw-v3pg-c327
Product: All In Bits Evmos
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32644
NVD References:
- https://github.com/evmos/evmos/commit/08982b5ee726b97bc50eaf58d1914829648b6a5f
- https://github.com/evmos/evmos/security/advisories/GHSA-3fp5-2xwh-fxm6
Product: FreeRDP
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32039
NVD References:
- https://github.com/FreeRDP/FreeRDP/pull/10077
- https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6
- https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9
Product: FreeRDP
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32041
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32458
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32459
NVD References:
- https://github.com/FreeRDP/FreeRDP/pull/10077
- https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6
- https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5r4p-mfx2-m44r
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vvr6-h646-mp4p
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cp4q-p737-rmw9
Product: FreeRDP
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32658
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-32659
NVD References:
- https://github.com/FreeRDP/FreeRDP/commit/1a755d898ddc028cc818d0dd9d49d5acff4c44bf
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v
- https://oss-fuzz.com/testcase-detail/4852534033317888
- https://oss-fuzz.com/testcase-detail/6196819496337408
- https://github.com/FreeRDP/FreeRDP/commit/6430945ce003a5e24d454d8566f54aae1b6b617b
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w
- https://oss-fuzz.com/testcase-detail/6156779722440704
CVE-2024-21511 - Mysql2 versions before 3.9.7 are vulnerable to Arbitrary Code Injection through improper sanitization of the timezone parameter in the readCodeFor function.
Product: Mysql2
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21511
NVD References:
- https://github.com/sidorares/node-mysql2/commit/7d4b098c7e29d5a6cb9eac2633bfcc2f0f1db713
- https://github.com/sidorares/node-mysql2/pull/2608
- https://github.com/sidorares/node-mysql2/releases/tag/v3.9.7
- https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6670046
CVE-2024-21409 - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Product: Microsoft .NET Framework and Visual Studio
CVSS Score: 7.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21409
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409
CVE-2024-28906, CVE-2024-28908 through CVE-2024-28915, CVE-2024-28926, CVE-2024-28927, CVE-2024-28939, CVE-2024-28940, CVE-2024-28942, CVE-2024-28944, CVE-2024-28945, CVE-2024-29044 through CVE-2024-29048, CVE-2024-29982 through CVE-2024-29985 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabilities
Product: Microsoft OLE DB Driver for SQL Server
CVSS Scores: 7.5 - 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28906
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28908
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28909
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28910
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28911
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28912
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28913
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28914
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28915
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28926
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28927
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28939
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28940
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28942
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28944
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28945
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29044
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29045
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29046
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29047
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29048
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29982
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29983
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29984
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29985
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28906
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28908
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28909
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28910
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28911
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28912
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28913
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28914
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28915
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28926
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28927
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28939
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28940
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28942
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28944
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28945
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29044
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29045
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29046
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29047
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29048
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29982
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29983
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29984
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29985
CVE-2024-28929 through CVE-2024-28938, CVE-2024-28941, CVE-2024-28943, CVE-2024-29043 - Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabilities
Product: Microsoft ODBC Driver for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28929
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28930
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28931
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28932
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28933
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28934
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28935
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28936
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28937
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28938
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28941
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28943
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29043
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28929
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28930
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28931
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28932
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28933
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28934
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28935
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28936
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28937
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28938
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28941
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28943
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29043
CVE-2015-6184 - Microsoft Internet Explorer versions 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service via a malformed CSS token sequence, known as "Internet Explorer Memory Corruption Vulnerability."
Product: Microsoft Internet_Explorer 11
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2015-6184
ISC Diary: https://isc.sans.edu/diary/30868
CVE-2016-0088 - Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows for arbitrary code execution on the host OS through a crafted application.
Product: Microsoft Windows_Server_2012 r2
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2016-0088
ISC Diary: https://isc.sans.edu/diary/30868
The following vulnerabilities need a manual review:
CVE-2024-20359 - Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.
Product: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVSS Score:
** KEV since 2023-04-24 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20359
ISC Diary:
ISC Podcast:
NVD References: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h
CVE-2024-20353 - Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.
Product: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVSS Score:
** KEV since 2023-04-24 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20353
ISC Diary:
ISC Podcast:
NVD References: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2
[Virtual Event] TAKE COMMAND | During this one-day virtual event, we'll delve into new attack intelligence, technologies like AI that are disrupting the threat landscape, macro influences on SOC teams, MDR services to build cyber resilience, and more. You'll get clear guidance to zero in on threats and proactively prevent breaches.
SANS 2024 CTI Survey: Managing the Evolving Threat Landscape | May 22 | Join us to learn how the CTI discipline has evolved in the past year: how CTI analysts kept up with the ever-changing threat landscape, how they view emerging threats (adversary use of AI), and how technology enablement improves efficiency.
Unleashing Secure Access with an Identity-Centric Zero Trust Network Access Solution: Microsoft Entra Private Access | May 1 at 3:30 pm ET | Join us to explore how you can enable secure access to any app or resource, from anywhere using Microsoft’s identity-centric Security Service Edge solution.