PoC – WindowsTechs.com

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)

Posted on April 24, 2024 by Zeljka Zorz

More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulnerab… Continue reading PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)→

Posted on April 17, 2024 by Zeljka Zorz

While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device teleme… Continue reading Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation→

Posted on April 15, 2024 by Zeljka Zorz

Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret… Continue reading A critical vulnerability in Delinea Secret Server allows auth bypass, admin access→

Posted on March 19, 2024 by Helga Labus

Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra FileCatalyst is an enterprise managed file transfer (MFT) software solution that i… Continue reading PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)→

Posted on March 14, 2024 by Zeljka Zorz

A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a pr… Continue reading Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)→

Posted on March 14, 2024 by Zeljka Zorz

Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC e… Continue reading PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)→

Posted on February 22, 2024 by Zeljka Zorz

The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newe… Continue reading Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)→

Posted on February 12, 2024 by Ionut Arghire

Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins.
The post Exploitation of Another Ivanti VPN Vulnerability Observed appeared first on SecurityWeek.
Continue reading Exploitation of Another Ivanti VPN Vulnerability Observed→

Posted on January 31, 2024 by Zeljka Zorz

A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for enterprise defenders. Discovered by a security researcher named Florian and reported… Continue reading A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs→

Posted on January 29, 2024 by Ionut Arghire

PoC exploit code targeting a critical Jenkins vulnerability patched last week is already publicly available.
The post PoC Exploit Published for Critical Jenkins Vulnerability appeared first on SecurityWeek.
Continue reading PoC Exploit Published for Critical Jenkins Vulnerability→