Alexander V. Leonov

What has become known about the Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) vulnerability from the December Microsoft Patch Tuesday a month later? Almost nothing. 🙄 This is a vulnerability in a standard Windows component, available in all versions starting with Windows Server 2003 R2. Its description is typical for EoP […]

January Microsoft Patch Tuesday. 170 CVEs, 10 of them were added since December MSPT. 3 exploited in the wild: 🔻 EoP – Windows Hyper-V NT Kernel Integration VSP (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335). No details yet. No vulnerabilities have public exploits. 5 have private ones: 🔸 Security Feature Bypass – Microsoft Update Catalog (CVE-2024-49147), MapUrlToZone (CVE-2025-21268, CVE-2025-21189)🔸 […]

About Elevation of Privilege – Windows Kernel Streaming WOW Thunk Service Driver (CVE-2024-38144) vulnerability. The vulnerability is from the August Microsoft Patch Tuesday. It wasn’t highlighted in reviews; all we knew was that a local attacker could gain SYSTEM privileges. Three and a half months later, on November 27, SSD Secure Disclosure released a write-up […]

About Authentication Bypass – Hunk Companion WordPress plugin (CVE-2024-11972) vulnerability. ThemeHunk company develops commercial themes for WordPress CMS. And the Hunk Companion plugin is designed to complement and enhance the functionality of these themes. The plugin has over 10,000 installations. On December 10, WPScan reported a vulnerability in Hunk Companion plugin versions below 1.9.0, allowing […]

Aggregators of actively discussed vulnerabilities. Alexander Redchits updated his list of services that highlight TOP CVE vulnerabilities and uploaded it with descriptions to teletype (in Russian). Now there are 11 of them: 1. Intruder’s Top CVE Trends & Expert Vulnerability Insights2. Cytidel Top Trending3. CVE Crowd4. Feedly Trending Vulnerabilities5. CVEShield6. CVE Radar7. Vulners “Discussed in […]

About Remote Code Execution – Apache Struts (CVE-2024-53677) vulnerability. Apache Struts is an open source software framework for building Java web applications. It allows developers to separate the application’s business logic from the user interface. Due to its scalability and flexibility, Apache Struts is often used in large enterprise projects. A security bulletin describing the […]

About Remote Code Execution – Windows Lightweight Directory Access Protocol (LDAP) (CVE-2024-49112). The vulnerability is from the December Microsoft Patch Tuesday. Three weeks later, on January 1, researchers from SafeBreach released a write-up on this vulnerability, labeled as LDAPNightmare, and an exploit PoC. The exploit causes a forced reboot of Windows servers. One prerequisite: the […]

New episode “In The Trend of VM” (#10): 8 trending vulnerabilities of November, zero budget VM and who should look for patches. The competition for the best question on the topic of VM continues. 😉🎁 📹 Video on YouTube, LinkedIn🗞 Post on Habr (rus)🗒 Digest on the PT website Content: 🔻 00:29 Spoofing – Windows […]

December Microsoft Patch Tuesday. 89 CVEs, of which 18 were added since November MSPT. 1 vulnerability with signs of exploitation in the wild: 🔻 EoP – Windows Common Log File System Driver (CVE-2024-49138). There are no details about this vulnerability yet. Strictly speaking, there was another vulnerability that was exploited in the wild: EoP – […]

About Elevation of Privilege – Windows Task Scheduler (CVE-2024-49039) vulnerability. It was released on November Microsoft Patch Tuesday and showed signs of exploitation in the wild right away. To exploit the vulnerability, an authenticated attacker runs a specially crafted application on the target system. The attack can be performed from an AppContainer restricted environment. Using […]