In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between January 09-10, 2024.
During this period, The National Vulnerability Database published 161, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 12
High: 68
Medium: 46
Low: 8
Severity Not Assigned: 27
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-21648
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched in XWiki 14.10.17, 15.5.3 and 15.8-rc-1 by ensuring that the rights are checked before performing the rollback.
References: https://github.com/xwiki/xwiki-platform/commit/4de72875ca49602796165412741033bfdbf1e680
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xh35-w7wg-95v3
https://jira.xwiki.org/browse/XWIKI-21257
CWE-ID: CWE-274
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-21651
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user able to attach a file to a page can post a malformed TAR file by manipulating file modification times headers, which when parsed by Tika, could cause a denial of service issue via CPU consumption. This vulnerability has been patched in XWiki 14.10.18, 15.5.3 and 15.8 RC1.
References: https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8959-rfxh-r4j4
https://jira.xwiki.org/browse/XCOMMONS-2796
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-21663
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability has been fixed in version 0.0.8.
References: https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e47837ec7a
https://github.com/DEMON1A/Discord-Recon/issues/23
https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-21646
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01.
References: https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe
https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-21735
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 0.7
Impact Score: 6.0
Description: SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.
References: https://me.sap.com/notes/3407617
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
CWE-ID: CWE-285
Common Platform Enumerations (CPE): Not Found
6. CVE-2023-39336
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may also lead to RCE on the core server.
References: https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-21737
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 1.7
Impact Score: 6.0
Description: In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on confidentiality, integrity and availability.
References: https://me.sap.com/notes/3411869
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-22125
Base Score: 7.4
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.0
Description: Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) - version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on confidentiality.
References: https://me.sap.com/notes/3386378
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
CWE-ID: CWE-497
Common Platform Enumerations (CPE): Not Found
9. CVE-2023-7219
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249853 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/5/README.md
https://vuldb.com/?ctiid.249853
https://vuldb.com/?id.249853
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
10. CVE-2023-50930
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Jira, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.
References: https://help.savignano.net/snotify-email-encryption/sa-2023-11-28
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-50931
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Bitbucket, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.
References: https://help.savignano.net/snotify-email-encryption/sa-2023-11-28
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-50932
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Confluence, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.
References: https://help.savignano.net/snotify-email-encryption/sa-2023-11-28
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
13. CVE-2023-7220
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/NR1800X/1/README.md
https://vuldb.com/?ctiid.249854
https://vuldb.com/?id.249854
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
14. CVE-2023-44120
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-786191.pdf
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-49121
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
16. CVE-2023-49122
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-49123
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-49124
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-49126
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
20. CVE-2023-49127
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
21. CVE-2023-49128
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
22. CVE-2023-49129
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
23. CVE-2023-49130
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-824
Common Platform Enumerations (CPE): Not Found
24. CVE-2023-49131
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-824
Common Platform Enumerations (CPE): Not Found
25. CVE-2023-49132
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-824
Common Platform Enumerations (CPE): Not Found
26. CVE-2023-49251
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device even after the affected device is fully set up.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf
CWE-ID: CWE-639
Common Platform Enumerations (CPE): Not Found
27. CVE-2023-49252
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
28. CVE-2023-49621
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf
CWE-ID: CWE-1392
Common Platform Enumerations (CPE): Not Found
29. CVE-2023-49722
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 products, that allows an attacker to connect to the device via same WiFi network.
References: https://psirt.bosch.com/security-advisories/BOSCH-SA-473852.html
CWE-ID: CWE-1125
Common Platform Enumerations (CPE): Not Found
30. CVE-2023-51438
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
31. CVE-2023-51439
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
32. CVE-2023-51745
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
33. CVE-2023-51746
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
34. CVE-2023-5347
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
References: https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
https://www.beijerelectronics.com/en/support/Help___online?docId=69947
CWE-ID: CWE-347
Common Platform Enumerations (CPE): Not Found
35. CVE-2023-5376
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
References: https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
https://www.beijerelectronics.com/en/support/Help___online?docId=69947
CWE-ID: CWE-287
Common Platform Enumerations (CPE): Not Found
36. CVE-2023-7221
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249855. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/T6/1/README.md
https://vuldb.com/?ctiid.249855
https://vuldb.com/?id.249855
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
37. CVE-2024-0206
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.2
Description:
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files
References: https://kcm.trellix.com/corporate/index?page=content&id=SB10415
CWE-ID: CWE-59
Common Platform Enumerations (CPE): Not Found
38. CVE-2024-0213
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 1.5
Impact Score: 6.0
Description:
A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly.
References: https://kcm.trellix.com/corporate/index?page=content&id=SB10416
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
39. CVE-2022-36763
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 5.3
Description:
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
References: https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
40. CVE-2022-36764
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 5.3
Description:
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
References: https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
41. CVE-2022-36765
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 5.3
Description:
EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
References: https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx
CWE-ID: CWE-680
Common Platform Enumerations (CPE): Not Found
42. CVE-2023-7222
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249856. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/X2000R/formTmultiAP/README.md
https://vuldb.com/?ctiid.249856
https://vuldb.com/?id.249856
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
43. CVE-2024-0056
Base Score: 8.7
Base Severity: HIGH
Exploitability Score: 2.2
Impact Score: 5.8
Description: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
44. CVE-2024-0057
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.2
Description: NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
45. CVE-2024-20652
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Windows HTML Platforms Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20652
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
46. CVE-2024-20653
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Microsoft Common Log File System Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20653
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
47. CVE-2024-20654
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: Microsoft ODBC Driver Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20654
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
48. CVE-2024-20656
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Visual Studio Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
49. CVE-2024-20657
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Windows Group Policy Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20657
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
50. CVE-2024-20658
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20658
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
51. CVE-2024-20661
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Microsoft Message Queuing Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20661
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
52. CVE-2024-20672
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: .NET Core and Visual Studio Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20672
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
53. CVE-2024-20674
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Windows Kerberos Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20674
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
54. CVE-2024-20676
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 6.0
Description: Azure Storage Mover Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20676
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
55. CVE-2024-20677
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20677
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
56. CVE-2024-20681
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Subsystem for Linux Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20681
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
57. CVE-2024-20682
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Cryptographic Services Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20682
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
58. CVE-2024-20683
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Win32k Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20683
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
59. CVE-2024-20686
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Win32k Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20686
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
60. CVE-2024-20687
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Microsoft AllJoyn API Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20687
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
61. CVE-2024-20696
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 5.9
Description: Windows Libarchive Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
62. CVE-2024-20697
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 5.9
Description: Windows Libarchive Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20697
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
63. CVE-2024-20698
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Kernel Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20698
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
64. CVE-2024-20700
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Windows Hyper-V Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20700
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
65. CVE-2024-21307
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Remote Desktop Client Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21307
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
66. CVE-2024-21309
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21309
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
67. CVE-2024-21310
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21310
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
68. CVE-2024-21312
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: .NET Framework Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21312
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
69. CVE-2024-21318
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Microsoft SharePoint Server Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21318
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
70. CVE-2024-21325
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21325
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
71. CVE-2023-7032
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker
logged in with a user level account to gain higher privileges by providing a harmful serialized
object.
References: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-009-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-009-02.pdf
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
72. CVE-2023-34332
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
AMI’s SPx contains
a vulnerability in the BMC where an Attacker
may cause an untrusted pointer to dereference by a local network. A successful
exploitation of this vulnerability may lead to a loss of confidentiality,
integrity, and/or availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-822
Common Platform Enumerations (CPE): Not Found
73. CVE-2023-34333
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause an
untrusted pointer to dereference via a local network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-822
Common Platform Enumerations (CPE): Not Found
74. CVE-2023-37293
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause a
stack-based buffer overflow via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
75. CVE-2023-37294
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
76. CVE-2023-37295
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
77. CVE-2023-37296
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a stack memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
78. CVE-2023-37297
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
79. CVE-2023-3043
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description:
AMI’s SPx contains
a vulnerability in the BMC where an Attacker may
cause a stack-based buffer overflow via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
80. CVE-2024-0352
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250120.
References: https://note.zhaoj.in/share/ciwYj7QXC4sZ
https://vuldb.com/?ctiid.250120
https://vuldb.com/?id.250120
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between January 09-10, 2024.
During this period, The National Vulnerability Database published 161, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 12
High: 68
Medium: 46
Low: 8
Severity Not Assigned: 27
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-21648
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a user can rollback to a previous version of the page to gain rights they don't have anymore. The problem has been patched in XWiki 14.10.17, 15.5.3 and 15.8-rc-1 by ensuring that the rights are checked before performing the rollback.
References: https://github.com/xwiki/xwiki-platform/commit/4de72875ca49602796165412741033bfdbf1e680
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xh35-w7wg-95v3
https://jira.xwiki.org/browse/XWIKI-21257
CWE-ID: CWE-274
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-21651
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user able to attach a file to a page can post a malformed TAR file by manipulating file modification times headers, which when parsed by Tika, could cause a denial of service issue via CPU consumption. This vulnerability has been patched in XWiki 14.10.18, 15.5.3 and 15.8 RC1.
References: https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8959-rfxh-r4j4
https://jira.xwiki.org/browse/XCOMMONS-2796
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-21663
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability has been fixed in version 0.0.8.
References: https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e47837ec7a
https://github.com/DEMON1A/Discord-Recon/issues/23
https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-21646
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01.
References: https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe
https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-21735
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 0.7
Impact Score: 6.0
Description: SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.
References: https://me.sap.com/notes/3407617
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
CWE-ID: CWE-285
Common Platform Enumerations (CPE): Not Found
6. CVE-2023-39336
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may also lead to RCE on the core server.
References: https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-21737
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 1.7
Impact Score: 6.0
Description: In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on confidentiality, integrity and availability.
References: https://me.sap.com/notes/3411869
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-22125
Base Score: 7.4
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.0
Description: Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) - version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on confidentiality.
References: https://me.sap.com/notes/3386378
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
CWE-ID: CWE-497
Common Platform Enumerations (CPE): Not Found
9. CVE-2023-7219
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249853 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/5/README.md
https://vuldb.com/?ctiid.249853
https://vuldb.com/?id.249853
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
10. CVE-2023-50930
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Jira, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.
References: https://help.savignano.net/snotify-email-encryption/sa-2023-11-28
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-50931
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Bitbucket, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.
References: https://help.savignano.net/snotify-email-encryption/sa-2023-11-28
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-50932
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Confluence, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.
References: https://help.savignano.net/snotify-email-encryption/sa-2023-11-28
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
13. CVE-2023-7220
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/NR1800X/1/README.md
https://vuldb.com/?ctiid.249854
https://vuldb.com/?id.249854
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
14. CVE-2023-44120
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-786191.pdf
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-49121
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
16. CVE-2023-49122
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-49123
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-49124
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-49126
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
20. CVE-2023-49127
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
21. CVE-2023-49128
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
22. CVE-2023-49129
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
23. CVE-2023-49130
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-824
Common Platform Enumerations (CPE): Not Found
24. CVE-2023-49131
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-824
Common Platform Enumerations (CPE): Not Found
25. CVE-2023-49132
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf
CWE-ID: CWE-824
Common Platform Enumerations (CPE): Not Found
26. CVE-2023-49251
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device even after the affected device is fully set up.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf
CWE-ID: CWE-639
Common Platform Enumerations (CPE): Not Found
27. CVE-2023-49252
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
28. CVE-2023-49621
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf
CWE-ID: CWE-1392
Common Platform Enumerations (CPE): Not Found
29. CVE-2023-49722
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 products, that allows an attacker to connect to the device via same WiFi network.
References: https://psirt.bosch.com/security-advisories/BOSCH-SA-473852.html
CWE-ID: CWE-1125
Common Platform Enumerations (CPE): Not Found
30. CVE-2023-51438
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
31. CVE-2023-51439
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
32. CVE-2023-51745
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
33. CVE-2023-51746
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
References: https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
34. CVE-2023-5347
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
References: https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
https://www.beijerelectronics.com/en/support/Help___online?docId=69947
CWE-ID: CWE-347
Common Platform Enumerations (CPE): Not Found
35. CVE-2023-5376
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
References: https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
https://www.beijerelectronics.com/en/support/Help___online?docId=69947
CWE-ID: CWE-287
Common Platform Enumerations (CPE): Not Found
36. CVE-2023-7221
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249855. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/T6/1/README.md
https://vuldb.com/?ctiid.249855
https://vuldb.com/?id.249855
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
37. CVE-2024-0206
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.2
Description:
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files
References: https://kcm.trellix.com/corporate/index?page=content&id=SB10415
CWE-ID: CWE-59
Common Platform Enumerations (CPE): Not Found
38. CVE-2024-0213
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 1.5
Impact Score: 6.0
Description:
A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly.
References: https://kcm.trellix.com/corporate/index?page=content&id=SB10416
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
39. CVE-2022-36763
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 5.3
Description:
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
References: https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
40. CVE-2022-36764
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 5.3
Description:
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
References: https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
41. CVE-2022-36765
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 5.3
Description:
EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
References: https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx
CWE-ID: CWE-680
Common Platform Enumerations (CPE): Not Found
42. CVE-2023-7222
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249856. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/X2000R/formTmultiAP/README.md
https://vuldb.com/?ctiid.249856
https://vuldb.com/?id.249856
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
43. CVE-2024-0056
Base Score: 8.7
Base Severity: HIGH
Exploitability Score: 2.2
Impact Score: 5.8
Description: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
44. CVE-2024-0057
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.2
Description: NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
45. CVE-2024-20652
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Windows HTML Platforms Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20652
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
46. CVE-2024-20653
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Microsoft Common Log File System Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20653
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
47. CVE-2024-20654
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: Microsoft ODBC Driver Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20654
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
48. CVE-2024-20656
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Visual Studio Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
49. CVE-2024-20657
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Windows Group Policy Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20657
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
50. CVE-2024-20658
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20658
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
51. CVE-2024-20661
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Microsoft Message Queuing Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20661
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
52. CVE-2024-20672
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: .NET Core and Visual Studio Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20672
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
53. CVE-2024-20674
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Windows Kerberos Security Feature Bypass Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20674
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
54. CVE-2024-20676
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 6.0
Description: Azure Storage Mover Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20676
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
55. CVE-2024-20677
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365.
3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time.
This change is effective as of the January 9, 2024 security update.
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20677
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
56. CVE-2024-20681
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Subsystem for Linux Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20681
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
57. CVE-2024-20682
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Cryptographic Services Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20682
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
58. CVE-2024-20683
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Win32k Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20683
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
59. CVE-2024-20686
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Win32k Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20686
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
60. CVE-2024-20687
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Microsoft AllJoyn API Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20687
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
61. CVE-2024-20696
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 5.9
Description: Windows Libarchive Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
62. CVE-2024-20697
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 5.9
Description: Windows Libarchive Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20697
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
63. CVE-2024-20698
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Kernel Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20698
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
64. CVE-2024-20700
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Windows Hyper-V Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20700
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
65. CVE-2024-21307
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Remote Desktop Client Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21307
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
66. CVE-2024-21309
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21309
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
67. CVE-2024-21310
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21310
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
68. CVE-2024-21312
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: .NET Framework Denial of Service Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21312
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
69. CVE-2024-21318
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Microsoft SharePoint Server Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21318
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
70. CVE-2024-21325
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21325
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
71. CVE-2023-7032
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker
logged in with a user level account to gain higher privileges by providing a harmful serialized
object.
References: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-009-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-009-02.pdf
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
72. CVE-2023-34332
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
AMI’s SPx contains
a vulnerability in the BMC where an Attacker
may cause an untrusted pointer to dereference by a local network. A successful
exploitation of this vulnerability may lead to a loss of confidentiality,
integrity, and/or availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-822
Common Platform Enumerations (CPE): Not Found
73. CVE-2023-34333
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description:
AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause an
untrusted pointer to dereference via a local network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-822
Common Platform Enumerations (CPE): Not Found
74. CVE-2023-37293
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause a
stack-based buffer overflow via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
75. CVE-2023-37294
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
76. CVE-2023-37295
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
77. CVE-2023-37296
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a stack memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
78. CVE-2023-37297
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description:
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
79. CVE-2023-3043
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description:
AMI’s SPx contains
a vulnerability in the BMC where an Attacker may
cause a stack-based buffer overflow via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
References: https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
80. CVE-2024-0352
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250120.
References: https://note.zhaoj.in/share/ciwYj7QXC4sZ
https://vuldb.com/?ctiid.250120
https://vuldb.com/?id.250120
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found