#rce

MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed by SAP as part of its Patch

The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response.

A Java Deserialization vulnerability in the Fishbowl Server in Fishbowl Inventory before 2022.4.1 allows remote attackers to execute arbitrary code via a crafted XML payload.

Spring4Shell and Veeam RCE exploit topped the list in Q1 2022

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206688.

Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.

The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that are shared amongst other users are affected by this issue. The only safe mitigation is to update to the latest version of the extension.

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  As the data privacy landscape gets increasingly murky, app developers and device manufacturers are finding new ways to sure up users’ personal information. Of course, all users have to do is go out of their way to opt-in.  Apple recently announced a new Lockdown Mode for the iOS operating system that powers the company’s iPhones. When enabled, it turns off many of the features that attackers will exploit when targeting a mobile device with spyware. Spyware is a growing concern across the world, especially the NSO Group’s Pegasus tool.   With Lockdown Mode enabled, a hypothetical attacker would not have access to certain functions on the phone, and it blocks access to important APIs such as speech and facial recognition, which research has shown are relatively easy to bypass.  In a review of Lockdown Mode, Zack Whittaker of TechCrunch said, “...we didn’t find using our iPhone in Lockdown Mode t...

Advantech iView software versions prior to 5.7.04.6469 are vulnerable to an unauthenticated command injection vulnerability via the NetworkServlet endpoint. The database backup functionality passes a user-controlled parameter, backup_file to the mysqldump command. The sanitization functionality only tests for SQL injection attempts and directory traversal, so leveraging the -r and -w mysqldump flags permits exploitation. The command injection vulnerability is used to write a payload on the target and achieve remote code execution as NT AUTHORITY\SYSTEM.