Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, September 21, 2024.
Microsoft Kernel Vulnerability CVE-2024-37985 exploited
Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in the wild. This vulnerability, first released on July 9, 2024, and last updated on September 17, 2024, poses a significant risk due to its potential for information disclosure.
The vulnerability has a CVSS score of 5.9 and stems from a weakness identified as CWE-1037: Processor Optimization Removal or Modification of Security-critical Code, which will lead to unauthorized information disclosure…..
Spring Framework Vulnerability CVE-2024-38816 fixed
A high severity vulnerability has been discovered in the Spring Framework, that allows attackers to gain unauthorized access to sensitive files on the server, posing a significant risk of data breaches and system compromise.
The vulnerability tracked as CVE-2024-38816 with a CVSS score of 7.5 lies in handling the static resources served through the functional web frameworks WebMvc.fn or WebFlux.fn. By crafting malicious HTTP requests, attackers can bypass security measures and retrieve arbitrary files from the server’s file system, including configuration files, source code, and user data…..
GitLab fixes critical vulnerability CVE-2024-45409
GitLab has released security patches for a critical vulnerability that affects both GitLab Community Edition (CE) and Enterprise Edition (EE) that allows a threat actor to bypass authentication checks and gain access to sensitive GitLab projects, including source code repositories, without needing to supply valid credentials.
The flaw, identified as CVE-2024-45409, with a CVSS score of 10, stems from improper signature verification in certain versions of the Ruby-SAML library (<=12.2 and 1.13.0 through 1.16.0). This flaw allows an unauthenticated attacker to forge a SAML response, effectively granting them access to GitLab as any arbitrary user……
SUBSCRIBE TO OUR BLOG TODAY !
We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day
VMware fixes flaws identified in Chinese Matrix Cup
VMware released patches for two critical vulnerabilities in its vCenter Server platform and warned that there’s a major risk of remote code execution attacks.
The first vulnerability tracked as CVE-2024-38812 with a CVSS score of 9.8 is a heap-overflow in th Distributed Computing Environment / Remote Procedure Call (DCERPC) protocol implementation within vCenter Server. An attacker with network access to the server could send a specially crafted packet to execute remote code.
The second vulnerability tracked as CVE-2024-38813 with a CVSS score of 7.5 is described as a privilege escalation vulnerability in which a malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet……
Ivanti fixes CVE-2024-8963 Flaw that added to KEV catalog
Ivanti has released a patch for a critical vulnerability in its new Cloud Services Appliance (CSA) vulnerability, which will lead to a path traversal issue
The vulnerability tracked as CVE-2024-8963 with a CVSS score of 9.4, a remote unauthenticated attacker could exploit the vulnerability to access restricted functionality. An attacker could chain the issue with the recently disclosed flaw CVE-2024-8190 to bypass admin authentication and execute arbitrary commands on the appliance.
This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram
