In the world of cybersecurity, the past week has been packed with vulnerabilities and threats, keeping security teams on their toes between conferences and Patch Tuesday releases. Cyble, a leading AI-powered threat intelligence provider, identified 40 vulnerabilities in their recent report and highlighted 10 critical flaws in products from major companies like SAP, Ivanti, AMD, Microsoft, Cisco, and Progress Software.
One of the most urgent vulnerabilities identified by Cyble is a 9.8 severity Java deserialization RCE flaw in SolarWinds’ Web Help Desk, which the Cybersecurity and Infrastructure Security Agency (CISA) revealed is already under attack. This emphasizes the importance of immediate patching to prevent exploitation.
Among the top vulnerabilities addressed in Cyble’s report are:
– CVE-2024-41730 impacting SAP BusinessObjects Business Intelligence, posing a high risk to confidentiality, integrity, and availability.
– CVE-2024-7593 affecting Ivanti Virtual Traffic Manager, allowing remote attackers to bypass authentication and gain unauthorized access.
– CVE-2024-7569 targeting Ivanti Neurons for ITSM, enabling information disclosure to unauthenticated attackers.
– CVE-2023-31315 known as “Sinkclose” in AMD processors, potentially leading to arbitrary code execution.
– CVE-2024-38200 in Microsoft Office, allowing attackers to grab users’ NTLM hashes and pivot into compromised networks.
– CVE-2024-20450, CVE-2024-20452, and CVE-2024-20454 in Cisco Small Business IP Phones, enabling remote code execution with root privileges.
– CVE-2024-20419 in Cisco Smart Software Manager On-Prem, allowing attackers to change user passwords and gain unauthorized access.
– CVE-2024-4885 in Progress WhatsUp Gold, exposing networks to unauthenticated remote code execution.
Apart from these vulnerabilities, Cyble also delved into dark web exploits, industrial control system vulnerabilities, and high-exposure web assets, providing a comprehensive overview of the current threat landscape.
Cyble’s weekly sensor reports cover a wide range of threats, including vulnerability exploits, malware, ransomware, and phishing attacks, ensuring organizations stay informed about potential risks to their environments.
As the cybersecurity landscape continues to evolve, partnership with threat intelligence providers like Cyble becomes crucial for organizations aiming to proactively manage their security posture and defend against emerging threats. Stay tuned for more insights and updates from Cyble researchers in the coming weeks to stay ahead of the evolving threat landscape.
Overall, the recent surge in security vulnerabilities underscores the importance of proactive patching and continuous monitoring to safeguard critical infrastructure and sensitive data from cyber threats. Organizations must remain vigilant and leverage the expertise of threat intelligence providers to stay one step ahead of threat actors in the ever-changing cybersecurity landscape.