
Welcome to TheCyberThrone most exploited vulnerabilities review. This review covers the week ending Saturday, October 26, 2024.
Fortinet FortiManager
CVE-2024-47575: With a CVSS score of 9.8, it is deemed a critical vulnerability. A missing authentication for critical function vulnerability [CWE-306] in the FortiManager fgfmd daemon (the service that handles FortiGate-to-FortiManager communication on TCP port 541) may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. Besides upgrading, Fortinet's advisory offers workarounds on supported versions: deny registration of unknown devices (fgfm-deny-unknown) and restrict, with local-in policies, which IP addresses may reach the fgfmd port.
Based on evidence of active exploitation, this vulnerability has been added to the CISA KEV catalog.
Cisco VPN Vulnerability
CVE-2024-20481: With a CVSS score of 5.8, it is deemed a medium-severity vulnerability. It resides in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software. An unauthenticated, remote attacker can exhaust the service's resources with a flood of VPN authentication requests, causing a denial-of-service (DoS) condition; depending on the impact, a reload of the device may be required to restore the RAVPN service. Cisco has confirmed active exploitation of this vulnerability and urges customers to upgrade to a fixed software release.
Based on evidence of active exploitation, this vulnerability has been added to the CISA KEV catalog.
Microsoft Exchange
CVE-2024-26198: With a CVSS score of 8.8, it is deemed a high-severity vulnerability. It is a remote code execution vulnerability in Microsoft Exchange Server, specifically a DLL loading flaw: an unauthenticated attacker places a specially crafted file on an online directory or a local network location and convinces a user to open it, and the file then loads the attacker's malicious DLL. Successful exploitation could allow the attacker to install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft patched this flaw in March 2024.
Fortinet FortiProxy
CVE-2024-21762: With a CVSS score of 9.8, it is deemed critical. An out-of-bounds write vulnerability [CWE-787] in the SSL VPN component of FortiOS and FortiProxy may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted HTTP requests. Where upgrading is not immediately possible, Fortinet's workaround is to disable SSL VPN entirely; disabling web mode alone is not a valid workaround.
Based on evidence of active exploitation, this vulnerability was added to the CISA KEV catalog on February 9, 2024.
Roundcube Webmail
CVE-2023-5631: With a CVSS score of 6.1, it is deemed a medium-severity vulnerability. Roundcube Webmail contains a persistent (stored) cross-site scripting (XSS) vulnerability in its handling of SVG content in HTML email messages; a remote attacker can run arbitrary JavaScript in the victim's browser simply by getting them to open a crafted message. The flaw is fixed in Roundcube 1.6.4, 1.5.5 and 1.4.15.
Based on evidence of active exploitation, this vulnerability was added to the CISA KEV catalog on October 26, 2023.
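The KEV notes in this review (FortiManager, Cisco ASA/FTD, FortiOS/FortiProxy and Roundcube) only become actionable once you know which of them touch your own estate. The following Python is an added example, not code from TheCyberThrone or from CISA: it parses records laid out like the public CISA KEV JSON feed (the field names cveID, vendorProject, product, dateAdded and dueDate are the feed's own) and cross-references them with an asset inventory, flagging hits whose KEV remediation due date has passed. The feed excerpt and the inventory are constructed for the example; the dateAdded values follow this review where it states them, and every dueDate, hostname and version is a placeholder.

```python
import json
import re
from datetime import date

# Constructed excerpt in the shape of the public CISA KEV JSON feed.
# The dateAdded values follow the review where it states them; every
# dueDate and the remaining dates are placeholders for the example.
KEV_FEED_JSON = """
{
  "title": "KEV excerpt constructed for this example",
  "vulnerabilities": [
    {"cveID": "CVE-2024-47575", "vendorProject": "Fortinet", "product": "FortiManager",
     "dateAdded": "2024-10-23", "dueDate": "2024-11-13"},
    {"cveID": "CVE-2024-20481", "vendorProject": "Cisco",
     "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)",
     "dateAdded": "2024-10-24", "dueDate": "2024-11-14"},
    {"cveID": "CVE-2024-21762", "vendorProject": "Fortinet", "product": "FortiOS",
     "dateAdded": "2024-02-09", "dueDate": "2024-02-16"},
    {"cveID": "CVE-2023-5631", "vendorProject": "Roundcube", "product": "Webmail",
     "dateAdded": "2023-10-26", "dueDate": "2023-11-16"}
  ]
}
"""

# Constructed asset inventory, as a CMDB export might look. Hostnames and
# versions are placeholders.
INVENTORY = [
    {"host": "fmg-01.corp.example", "vendor": "Fortinet", "product": "FortiManager", "version": "7.4.3"},
    {"host": "vpn-edge-01.corp.example", "vendor": "Cisco", "product": "ASA", "version": "9.18.4"},
    {"host": "mail.corp.example", "vendor": "Roundcube", "product": "Webmail", "version": "1.6.3"},
    {"host": "exch-01.corp.example", "vendor": "Microsoft", "product": "Exchange Server", "version": "15.2.1544.9"},
]

# Words that carry no product meaning and would otherwise create spurious matches.
STOPWORDS = {"and", "or", "the", "of", "software", "server", "appliance", "devices"}


def _tokens(text):
    """Lower-case word set for loose vendor/product matching."""
    return {t for t in re.split(r"[^a-z0-9]+", text.lower()) if t and t not in STOPWORDS}


def load_kev(feed_json):
    """Parse a KEV feed document and return its vulnerability records."""
    return json.loads(feed_json)["vulnerabilities"]


def match_inventory(kev_entries, inventory):
    """Pair each asset with the KEV entries whose vendor matches and whose
    product name shares at least one word with the asset's product.
    KEV records carry no affected-version ranges, so a hit means
    'triage against the vendor advisory', not 'confirmed vulnerable'."""
    hits = []
    for asset in inventory:
        for entry in kev_entries:
            if _tokens(asset["vendor"]) != _tokens(entry["vendorProject"]):
                continue
            if not _tokens(asset["product"]) & _tokens(entry["product"]):
                continue
            hits.append({
                "host": asset["host"],
                "version": asset["version"],
                "cveID": entry["cveID"],
                "dateAdded": entry["dateAdded"],
                "dueDate": entry["dueDate"],
            })
    return hits


def overdue(hits, today_iso):
    """Return the hits whose KEV remediation due date has passed as of today_iso."""
    today = date.fromisoformat(today_iso)
    return [h for h in hits if date.fromisoformat(h["dueDate"]) < today]


if __name__ == "__main__":
    hits = match_inventory(load_kev(KEV_FEED_JSON), INVENTORY)
    late = {(h["host"], h["cveID"]) for h in overdue(hits, "2024-10-26")}
    for h in sorted(hits, key=lambda h: h["dueDate"]):
        flag = "OVERDUE" if (h["host"], h["cveID"]) in late else "open"
        print(f'{h["host"]:28} {h["version"]:12} {h["cveID"]:16} due {h["dueDate"]} [{flag}]')
```

Against the constructed data the FortiManager, ASA and Roundcube hosts are flagged and the Exchange host is not, because the excerpt contains no Exchange entry; the FortiOS record does not match the FortiManager host because the product words differ even though the vendor is the same. The matching is deliberately loose, since KEV product strings are free text, so treat each hit as a triage item and confirm the installed version against the vendor advisory before calling it remediated or not affected.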
That brings this week's review to a close. Thanks for visiting TheCyberThrone. If you like us, please follow us on Facebook, Twitter and Instagram.


