Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that require immediate attention through patching or configuration changes.

Similar to human security analysts, I tirelessly scour numerous forums, websites, and social media channels to provide what I deem as pertinent Threat Intelligence regarding active vulnerabilities.

This month’s vulnerabilities of interest include issues by Juniper, Ivanti, Citrix, Google & Fortra, and many other vendors.

Ivanti has had multiple issues identified; the most serious are two zero-day vulnerabilities in Ivanti Connect Secure (ICS) and Ivanti Policy Secure that can allow remote attackers to execute arbitrary commands on targeted devices.

Below is the complete list of vulnerabilities for this month:

CVE-2024-23222 | Apple iOS

A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.

CVE-2024-21591 | Juniper Networks

An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on an affected device. The vulnerability, assigned CVE-2024-21591, has a CVSSv3 score of 9.8 and is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.

CVE-2024-20272 | Cisco Unity

Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific API and improper validation of user-supplied data. “An attacker could exploit this vulnerability by uploading arbitrary files to an affected system,” Cisco said in an advisory released Wednesday. “A successful exploit could allow the attacker to store malicious files on the system, execute arbitrary commands on the operating system, and elevate privileges to root.”

CVE-2024-0519 | Google Chrome

Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-0402 | GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.5.8, 16.6 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.

CVE-2024-0252 | Zoho Remote Code Execution (RCE)

Zoho has released a security update to address a critical improper handling vulnerability, known as CVE-2024-0252, with a CVSSv3 score of 9.9. An authenticated attacker could exploit this vulnerability to perform Remote Code Execution (RCE) on machines with the vulnerable software installed.

CVE-2023-7101 | ParseExcel

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.
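The defensive counterpart to the ParseExcel bug described above is to treat a number format string from a workbook as untrusted data and match it against a closed grammar instead of handing it to a string eval. The following is an added illustration, not code from Spreadsheet::ParseExcel or its fix; the token grammar is an assumed, simplified subset of Excel number-format syntax.

```python
import re

# Assumed allowlist of Excel number-format tokens (simplified; not the
# grammar the real Perl module implements). Anything outside it is rejected.
_TOKEN_RE = re.compile(
    r'"[^"]*"'                                   # quoted literal text
    r'|\[(?:Red|Blue|Green|Black|White|Yellow|Cyan|Magenta'
    r'|[<>=]=?\d+(?:\.\d+)?)\]'                  # colour or condition code
    r'|\\.'                                      # backslash-escaped char
    r'|[_*].'                                    # spacer / fill char
    r'|General|E[+-]|[0#?.,%\-/@ ;()]'           # placeholders and punctuation
)


def tokenize_number_format(fmt: str) -> list[str]:
    """Split a format string into allowlisted tokens.

    Raises ValueError on the first character that is not part of the grammar,
    so the string never reaches any dynamic evaluation step.
    """
    tokens, pos = [], 0
    for m in _TOKEN_RE.finditer(fmt):
        if m.start() != pos:
            raise ValueError(f"unrecognised text at offset {pos}: {fmt[pos:]!r}")
        tokens.append(m.group())
        pos = m.end()
    if pos != len(fmt):
        raise ValueError(f"unrecognised text at offset {pos}: {fmt[pos:]!r}")
    return tokens


def is_safe_number_format(fmt: str) -> bool:
    """True only if every character of fmt belongs to a known token."""
    try:
        tokenize_number_format(fmt)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed samples: two ordinary formats and one containing a stray
    # "$x" that is outside the grammar and therefore refused.
    for sample in ('#,##0.00;[Red]-#,##0.00', '0.00E+00', '0.00;$x'):
        print(f"{sample!r}: {'accepted' if is_safe_number_format(sample) else 'rejected'}")
```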

CVE-2023-7024 | Chrome

Google has released a security update which addresses a high severity vulnerability in Google Chrome for Windows, Mac, and Linux. The high severity zero-day vulnerability, tracked as CVE-2023-7024, relates to a heap buffer overflow flaw in WebRTC. Google is aware that an exploit for CVE-2023-7024 exists in the wild.

CVE-2023-51467 | Apache OFBiz

Apache has released a security update addressing a critical zero-day vulnerability in Apache OFBiz. The vulnerability, referred to as CVE-2023-51467, has a CVSSv3 score of 9.8. Successful exploitation could allow an attacker to circumvent authentication processes, enabling them to remotely execute arbitrary code, meaning they can access and expose sensitive information.

CVE-2024-23897 | Jenkins Server

The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE). The issue, assigned the CVE identifier CVE-2024-23897, has been described as an arbitrary file read vulnerability through the built-in command line interface (CLI).

CVE-2024-21888 | Ivanti Privilege Escalation Vulnerability

CVE-2024-21888 (CVSS score: 8.8) – A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

CVE-2024-21893 | Ivanti Forgery Vulnerability

CVE-2024-21893 (CVSS score: 8.2) – A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
