⚡ Webinar ▶ Level-Up SaaS Security: A Comprehensive Guide to ITDR and SSPM Save Your Seat
#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
CrowdSec

KEV Catalog | Breaking Cybersecurity News | The Hacker News

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

Apr 14, 2023 Mobile Security / Cyber Threat
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963  (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability CVE-2023-29492  (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability "Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed," CISA  said  in an advisory for CVE-2023-20963. Google, in its monthly Android Security Bulletin for March 2023,  acknowledged  "there are indications that CVE-2023-20963 may be under limited, targeted exploitation." The development comes as tech news site Ars Technica  disclosed  late last month that Android apps digitally signed by China's e-commerce company Pinduoduo weap
CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

Mar 08, 2023 Vulnerability / Cybersecurity
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  three security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2022-35914  (CVSS score: 9.8) - Teclib GLPI Remote Code Execution Vulnerability CVE-2022-33891  (CVSS score: 8.8) - Apache Spark Command Injection Vulnerability CVE-2022-28810  (CVSS score: 6.8) - Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability The most critical of the three is  CVE-2022-35914 , which concerns a remote code execution vulnerability in the third-party library htmlawed present in  Teclib GLPI , an open source asset and IT management software package. The exact specifics surrounding the nature of attacks are unknown, but the Shadowserver Foundation in October 2022  noted  that it has seen exploitation attempts against its honeypots. Since then, a cURL-based one-line proof of concept (PoC) has been made a
cyber security

external linkFinally, Everyone Can (and Should) Ensure Essential SaaS Security

websiteWing SecuritySaaS Security / Compliance
This new product will help you achieve the baseline requirements for ensuring safe SaaS usage.
CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

Sep 23, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday  added  a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities ( KEV ) Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution," the agency said in a notice. The  critical vulnerability , tracked as  CVE-2022-35405 , is rated 9.8 out of 10 for severity on the CVSS scoring system, and was patched by Zoho as part of updates released on June 24, 2022. Although the exact nature of the flaw remains unknown, the India-based enterprise solutions company  said  it addressed the issue by removing the vulnerable components that could lead to the remote execution of arbitrary code. Zoho has also warned of the public availability of a proof-of-concept (PoC) exploit for the vulnerability, making it imperative that customers move
Cybersecurity Resources