More CyberWatch

April 17, 2024

Zero Day Exploited by Threat Actors in PAN-OS

A vulnerability is present in PAN-OS 10.2, 11.0, and 11.1 firewalls configured with GlobalProtect gateway or portal with device telemetry enabled. This critical weakness, identified as CVE-2024-3400 (CVSS 3.0: 10), is a command injection vulnerability that may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Palo Alto Networks is aware of a limited number of attacks that exploit this vulnerability. Threat actors utilized a backdoor after exploitation to perform data exfiltration and lateral movement throughout the network.

April 2, 2024

Microsoft Gaming Services Elevation-of-Privilege Vulnerability

A vulnerability researcher has found a way to exploit the Microsoft Xbox Gaming Services store application to elevate privileges from a user to SYSTEM level. The vulnerability, categorized as CVE-2024-28916 (CVSS: 8.8), allows a local attacker with the ability to create folders and performance traces on the machine to gain SYSTEM level privileges. Proof of concept exploit code was developed by security researcher Filip Dragović and reported to Microsoft, which subsequently patched/mitigated the vulnerability.

April 2, 2024

Critical RCE Vulnerability Patched in Ivanti Standalone Sentry

Ivanti’s internal security team discovered a critical Remote Code Execution (RCE) vulnerability in one of their products in late 2023. This vulnerability, known as CVE-2024-41724 (CVSS: 9.6), allows an unauthenticated attacker within the same physical or logical network to execute arbitrary commands on the operating system of the appliance.

March 5, 2024

Vulnerabilities Patched in Recent Microsoft Edge Release

Three vulnerabilities were patched in the recent Edge release. Two are Remote Code Execution vulnerabilities, classified as Type Confusion in V8; they allow a remote attacker to exploit heap corruption via a crafted HTML page. These vulnerabilities are CVE-2024-1939 and CVE-2024-1938. The other is a low-severity information disclosure vulnerability present in Microsoft Edge for Android, classified as CVE-2024-26186. These vulnerabilities are fixed in the latest Microsoft Edge Stable Channel, 122.0.2363.63.

February 29, 2024

Vulnerability Patched in NX-OS Software

A vulnerability has been discovered and patched in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software.

February 27, 2024

Vim Fix Available for Buffer Overflow Vulnerability

A vulnerability has been discovered in Vim, an open-source text editor program. It is identified as CVE-2024-22667 (CVSSv3: 7.8) and is a stack-based...

February 22, 2024

ConnectWise ScreenConnect Under Active Exploitation, Patch Available

ConnectWise has released a security update for its ScreenConnect software. Two vulnerabilities are associated with the patch...

February 21, 2024

VMware Urges Users to Remove Deprecated Vulnerable Software

VMware has released an advisory regarding two vulnerabilities, CVE-2024-22245 (CVSSv3: 9.6) and CVE-2024-22250 (CVSSv3: 7.8), which impact the VMware Enhanced Authentication Plug-in (EAP). They are arbitrary authentication relay and session hijack vulnerabilities that exist in the deprecated EAP plug-in. VMware advises users to remove this component from impacted environments. Ceri Coburn from Pen Test Partners is credited as the reporter of these vulnerabilities to VMware.

February 15, 2024

Two Zero-Day Fixes on Patch Tuesday

Every second Tuesday of the month, Microsoft releases many security fixes for several of its software solutions; this is known as “Patch Tuesday.” This time around, several critical vulnerabilities and zero-days have been remediated by the recent fixes: a total of two zero-day vulnerabilities and five critical vulnerabilities, alongside 60+ other vulnerabilities of varying severity. This report will only cover the most critical/notable vulnerabilities.
