End-of-Day report
Timeframe: Wednesday 09-10-2024 18:00 - Thursday 10-10-2024 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
Firefox Zero-Day Under Attack: Update Your Browser Immediately
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component.
https://thehackernews.com/2024/10/mozilla-warns-of-active-exploitation-in.html
CISA says critical Fortinet RCE flaw now exploited in attacks
Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild.
https://www.bleepingcomputer.com/news/security/cisa-says-critical-fortinet-rce-flaw-now-exploited-in-attacks/
Is anyone here using a smartphone with a Qualcomm SoC?
For many Android devices out there, the answer is: yes. The zero-day vulnerability, officially designated CVE-2024-43047, "may be under limited, targeted exploitation," according to Qualcomm, citing unspecified "indications" from Google's Threat Analysis Group, the company's research unit that investigates government hacking threats.
http://blog.fefe.de/?ts=99f9d232
Magenta ID has been deactivated: beware of a deceptively genuine-looking phishing email
A very well forged Magenta email is currently circulating in Austria. Anyone who looks closely can spot the fake.
https://futurezone.at/digital-life/magenta-id-wurde-deaktiviert-mail-phishing-rechnung-hinweise-betrug-warnung/402960708
Malware by the (Bit)Bucket: Unveiling AsyncRAT
Recently, we uncovered a sophisticated attack campaign employing a multi-stage approach to deliver AsyncRAT via a legitimate platform called Bitbucket.
https://www.gdatasoftware.com/blog/2024/10/38043-asyncrat-bitbucket
File hosting services misused for identity phishing
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.
https://www.microsoft.com/en-us/security/blog/2024/10/08/file-hosting-services-misused-for-identity-phishing/
Technical Analysis of DarkVision RAT
DarkVision RAT is a highly customizable remote access trojan (RAT) that first surfaced in 2020, offered on Hack Forums and their website for as little as $60. Written in C/C++, and assembly, DarkVision RAT has gained popularity due to its affordability and extensive feature set, making it accessible even to low-skilled cybercriminals. The RAT's capabilities include keylogging, taking screenshots, file manipulation, process injection, remote code execution, and password theft.
https://www.zscaler.com/blogs/security-research/technical-analysis-darkvision-rat
Ransom & Dark Web Issues Week 2, October 2024
* New Target of KillSec Ransomware Attack: South Korean Commercial Property Content Provider
* Dark Web Market Bohemia/Cannabia Shut Down by Law Enforcement, Two Administrators Arrested
* New Ransomware Gang Sarcoma: Conducted Attacks on a Total of 30 Companies
https://asec.ahnlab.com/en/83739/
Internet Archive under fire: over 30 million user records stolen
As yet unidentified attackers have hit the Internet Archive several times. User data and password hashes were already exfiltrated in September.
https://heise.de/-9975986
Vulnerabilities
GitLab warns of critical arbitrary branch pipeline execution flaw
GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw.
https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-arbitrary-branch-pipeline-execution-flaw/
Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems
Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck.
https://thehackernews.com/2024/10/experts-warn-of-critical-unpatched.html
wkhtmltopdf - Highly critical - Unsupported - SA-CONTRIB-2024-049
Project: wkhtmltopdf
Date: 2024-October-09
Security risk: Highly critical 23/25 AC:None/A:None/CI:All/II:All/E:Proof/TD:All
Vulnerability: Unsupported
Affected versions: *
Description: The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedureown-projectunsupported
Solution: If you use this project,
https://www.drupal.org/sa-contrib-2024-049
Facets - Critical - Cross Site Scripting - SA-CONTRIB-2024-047
Project: Facets
Date: 2024-October-09
Security risk: Critical 15/25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting
Affected versions:
Description: This module enables you to easily create and manage faceted search interfaces. The module doesn't sufficiently filter for malicious script leading to a reflected cross site scripting (XSS) vulnerability.
Solution: Install the latest version: If you use the Facets module, upgrade to Facets
https://www.drupal.org/sa-contrib-2024-047
Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046
Project: Block permissions
Date: 2024-October-09
Security risk: Moderately critical 13/25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Access bypass
Affected versions: >=1.0.0
Description: This module enables you to manage blocks from specific modules in the specific themes. The module doesn't sufficiently check permissions under the scenario when a block is added using the form "/admin/structure/block/add/{plugin_id}/{theme}" (route
https://www.drupal.org/sa-contrib-2024-046
Monster Menus - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-045
Project: Monster Menus
Date: 2024-October-09
Security risk: Moderately critical 13/25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Access bypass, Information Disclosure
Affected versions:
Description: This module enables you to group nodes within pages that have a highly-granular, distributed permissions structure. A function which can be used by third-party code does not return valid data under certain rare circumstances. If the third-party code relies on this
https://www.drupal.org/sa-contrib-2024-045
Gutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048
Project: Gutenberg
Date: 2024-October-09
Security risk: Moderately critical 12/25 AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Request Forgery
Affected versions: =3.0.0
Description: This module provides a new UI experience for node editing using the Gutenberg Editor library. The module did not sufficiently protect some routes against a Cross Site Request Forgery attack. This vulnerability is mitigated by the fact that the tricked user needs to have an
https://www.drupal.org/sa-contrib-2024-048
VMSA-2024-0020: VMware NSX updates address multiple vulnerabilities (CVE-2024-38818, CVE-2024-38817, CVE-2024-38815)
Multiple vulnerabilities in VMware NSX were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in the affected VMware products.
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25047
Security updates for Thursday
Security updates have been issued by Debian (chromium), Fedora (firefox, koji, unbound, webkit2gtk4.0, and xen), Red Hat (glibc, net-snmp, and tomcat), Slackware (mozilla), SUSE (apache-commons-io, buildah, cups-filters, liboath-devel, libreoffice, libunbound8, podman, and redis), and Ubuntu (cups-browsed, cups-filters, edk2, linux-raspi-5.4, and oath-toolkit).
https://lwn.net/Articles/993595/
Redis Vulnerability Security Update Advisory (CVE-2024-31449)
An update has been released to address vulnerabilities in Redis. Users of the affected versions are advised to update to the latest version.
https://asec.ahnlab.com/en/83704/
Ivanti Product Security Update Advisory
* CVE-2024-9380, CVE-2024-9381: Ivanti Cloud Services Appliance (CSA) versions: ~ 5.0.1 (inclusive)
* CVE-2024-7612: Ivanti EPMM (Core) versions: ~ 12.1.0.3 (inclusive)
* CVE-2024-9167: Velocity License Server versions: 5.1 (inclusive) ~ 5.1.2 (inclusive)
https://asec.ahnlab.com/en/83706/
Adobe Family October 2024 Routine Security Update Advisory
Adobe has released a security update that addresses a vulnerability in its supplied products. Users of affected systems are advised to update to the latest version.
https://asec.ahnlab.com/en/83710/
SAP Product Security Update Advisory
* CVE-2024-37179: SAP BusinessObjects Business Intelligence Platform, ENTERPRISE 420, 430, 2025, Enterprise clienttools 420
* CVE-2024-41730: SAP BusinessObjects Business Intelligence Platform, ENTERPRISE 430, 440
* CVE-2024-39592: SAP PDCE, S4CORE 102, S4CORE 103, S4COREOP 104, S4COREOP 105, S4COREOP 106, S4COREOP 107, S4COREOP 108
https://asec.ahnlab.com/en/83736/
SonicWall SSL-VPN SMA1000 and Connect Tunnel Windows Client Affected By Multiple Vulnerabilities
1) CVE-2024-45315 - SonicWALL SMA1000 Connect Tunnel Windows Client Link Following Denial-of-Service Vulnerability
2) CVE-2024-45316 - SonicWALL SMA1000 Connect Tunnel Windows Client Link Following Local Privilege Escalation Vulnerability
3) CVE-2024-45317 - Unauthenticated SMA1000 12.4.x Server-Side Request Forgery (SSRF) Vulnerability
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017
CISA Releases Twenty-One Industrial Control Systems Advisories
* ICSA-24-284-01 Siemens SIMATIC S7-1500 and S7-1200 CPUs
* ICSA-24-284-02 Siemens Simcenter Nastran
* ICSA-24-284-03 Siemens Teamcenter Visualization and JT2Go
* ICSA-24-284-04 Siemens SENTRON PAC3200 Devices
* ICSA-24-284-05 Siemens Questa and ModelSim
* ICSA-24-284-06 Siemens SINEC Security Monitor
* ICSA-24-284-07 Siemens JT2Go
* ICSA-24-284-08 Siemens HiMed Cockpit
* ICSA-24-284-09 Siemens PSS SINCAL
* ICSA-24-284-10 Siemens SIMATIC S7-1500 CPUs
* ICSA-24-284-11 Siemens RUGGEDCOM APE1808
* ICSA-24-284-12 Siemens Sentron Powercenter 1000
* ICSA-24-284-13 Siemens Tecnomatix Plant Simulation
* ICSA-24-284-14 Schneider Electric Zelio Soft 2
* ICSA-24-284-15 Rockwell Automation DataMosaix Private Cloud
* ICSA-24-284-16 Rockwell Automation DataMosaix Private Cloud
* ICSA-24-284-17 Rockwell Automation Verve Asset Manager
* ICSA-24-284-18 Rockwell Automation Logix Controllers
* ICSA-24-284-19 Rockwell Automation PowerFlex 6000T
* ICSA-24-284-20 Rockwell Automation ControlLogix
* ICSA-24-284-21 Delta Electronics CNCSoft-G2
https://www.cisa.gov/news-events/alerts/2024/10/10/cisa-releases-twenty-one-industrial-control-systems-advisories
Synacor Zimbra Collaboration Command Execution Vulnerability
Threat Actors are exploiting a recently fixed RCE vulnerability in Zimbra email servers, which can be exploited just by sending specially crafted emails to the SMTP server.
https://fortiguard.fortinet.com/outbreak-alert/zimbra-collaboration-rce
2024-10-10: Cyber Security Advisory - ABB IRC5 RobotWare - PROFINET Stack Vulnerability
https://search.abb.com/library/Download.aspx?DocumentID=SI20337&LanguageCode=en&DocumentPartId=&Action=Launch
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: BGP update message containing aggregator attribute with an ASN value of zero (0) is accepted (CVE-2024-47507)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-update-message-containing-aggregator-attribute-with-an-ASN-value-of-zero-0-is-accepted-CVE-2024-47507
2024-10 Security Bulletin: Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash (CVE-2024-47506)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-A-large-amount-of-traffic-being-processed-by-ATP-Cloud-can-lead-to-a-PFE-crash-CVE-2024-47506
2024-10 Security Bulletin: Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Specific-low-privileged-CLI-commands-and-SNMP-GET-requests-can-trigger-a-resource-leak
2024-10 Security Bulletin: Junos OS: Multiple vulnerabilities in OSS component nginx resolved
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-OSS-component-nginx-resolved
2024-10 Security Bulletin: Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash (CVE-2024-47504)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5000-Series-Receipt-of-a-specific-malformed-packet-will-cause-a-flowd-crash-CVE-2024-47504
2024-10 Security Bulletin: Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash (CVE-2024-47503)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX4600-and-SRX5000-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2024-47503
2024-10 Security Bulletin: Junos OS Evolved: TCP session state is not always cleared on the Routing Engine (CVE-2024-47502)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-TCP-session-state-is-not-always-cleared-on-the-Routing-Engine-CVE-2024-47502
2024-10 Security Bulletin: Junos OS: MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C: In a VPLS or Junos Fusion scenario specific show commands cause an FPC crash (CVE-2024-47501)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX304-MX-with-MPC10-11-LC9600-and-EX9200-with-EX9200-15C-In-a-VPLS-or-Junos-Fusion-scenario-specific-show-commands-cause-an-FPC-crash-CVE-2024-47501
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD core (CVE-2024-47499)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BMP-scenario-receipt-of-a-malformed-AS-PATH-attribute-can-cause-an-RPD-core-CVE-2024-47499
2024-10 Security Bulletin: Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect (CVE-2024-47498)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-QFX5000-Series-Configured-MAC-learning-and-move-limits-are-not-in-effect-CVE-2024-47498
2024-10 Security Bulletin: Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion (CVE-2024-47497)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-QFX-Series-MX-Series-and-EX-Series-Receiving-specific-HTTPS-traffic-causes-resource-exhaustion-CVE-2024-47497
2024-10 Security Bulletin: Junos OS: MX Series: The PFE will crash on running specific command (CVE-2024-47496)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX-Series-The-PFE-will-crash-on-running-specific-command-CVE-2024-47496
2024-10 Security Bulletin: Junos OS Evolved: In a dual-RE scenario a locally authenticated attacker with shell privileges can take over the device (CVE-2024-47495)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-In-a-dual-RE-scenario-a-locally-authenticated-attacker-with-shell-privileges-can-take-over-the-device-CVE-2024-47495
2024-10 Security Bulletin: Junos OS: Due to a race condition AgentD process causes a memory corruption and FPC reset (CVE-2024-47494)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Due-to-a-race-condition-AgentD-process-causes-a-memory-corruption-and-FPC-reset-CVE-2024-47494
2024-10 Security Bulletin: Junos OS: J-Web: Multiple vulnerabilities resolved in PHP software.
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-J-Web-Multiple-vulnerabilities-resolved-in-PHP-software
2024-10 Security Bulletin: Junos OS: SRX5K, SRX4600 and MX Series: Trio-based FPCs: Continuous physical interface flaps causes local FPC to crash (CVE-2024-47493)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5K-SRX4600-and-MX-Series-Trio-based-FPCs-Continuous-physical-interface-flaps-causes-local-FPC-to-crash-CVE-2024-47493
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP path attribute leads to an RPD crash (CVE-2024-47491)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-malformed-BGP-path-attribute-leads-to-an-RPD-crash-CVE-2024-47491
2024-10 Security Bulletin: Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted (CVE-2024-47490)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-7000-Series-Receipt-of-specific-transit-MPLS-packets-causes-resources-to-be-exhausted-CVE-2024-47490
2024-10 Security Bulletin: Junos OS Evolved: Multiple vulnerabilities resolved in c-ares 1.18.1
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-c-ares-1-18-1
2024-10 Security Bulletin: Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE (CVE-2024-47489)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-Series-Receipt-of-specific-transit-protocol-packets-is-incorrectly-processed-by-the-RE-CVE-2024-47489
2024-10 Security Bulletin: Junos Space: Remote Command Execution (RCE) vulnerability in web application (CVE-2024-39563)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-Remote-Command-Execution-RCE-vulnerability-in-web-application-CVE-2024-39563
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU utilization (CVE-2024-39547)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-cRPD-Receipt-of-crafted-TCP-traffic-can-trigger-high-CPU-utilization-CVE-2024-39547
2024-10 Security Bulletin: Junos OS: Multiple vulnerabilities resolved in OpenSSL
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-resolved-in-OpenSSL
2024-10 Security Bulletin: Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files (CVE-2024-39544)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Low-privileged-local-user-able-to-view-NETCONF-traceoptions-files-CVE-2024-39544
2024-10 Security Bulletin: Junos OS Evolved: Connections to the network and broadcast address accepted (CVE-2024-39534)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Connections-to-the-network-and-broadcast-address-accepted-CVE-2024-39534
2024-10 Security Bulletin: Junos OS: SRX Series: Low privileged user able to access sensitive information on file system (CVE-2024-39527)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-Low-privileged-user-able-to-access-sensitive-information-on-file-system-CVE-2024-39527
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: MX Series with MPC10/MPC11/LC9600, MX304, EX9200, PTX Series: Receipt of malformed DHCP packets causes interfaces to stop processing packets (CVE-2024-39526)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-MX-Series-with-MPC10-MPC11-LC9600-MX304-EX9200-PTX-Series-Receipt-of-malformed-DHCP-packets-causes-interfaces-to-stop-processing-packets-CVE-2024-39526
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: When BGP nexthop traceoptions is enabled, receipt of specially crafted BGP packet causes RPD crash (CVE-2024-39525)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-nexthop-traceoptions-is-enabled-receipt-of-specially-crafted-BGP-packet-causes-RPD-crash-CVE-2024-39525
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: Junos OS and Junos OS Evolved: Receipt of a specifically malformed BGP packet causes RPD crash when segment routing is enabled (CVE-2024-39516)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specifically-malformed-BGP-packet-causes-RPD-crash-when-segment-routing-is-enabled-CVE-2024-39516
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: With BGP traceoptions enabled, receipt of specially crafted BGP update causes RPD crash (CVE-2024-39515)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-traceoptions-enabled-receipt-of-specially-crafted-BGP-update-causes-RPD-crash-CVE-2024-39515
2024-10 Security Bulletin: Junos Space: OS command injection vulnerability in OpenSSH (CVE-2023-51385)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-OS-command-injection-vulnerability-in-OpenSSH-CVE-2023-51385
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: With BGP traceoptions enabled, receipt of specifically malformed BGP update causes RPD crash (CVE-2024-39516)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specifically-malformed-BGP-packet-causes-RPD-crash-when-segment-routing-is-enabled-CVE-2024-39516
2024-10 Security Bulletin: Junos OS and Junos OS Evolved: When BGP traceoptions is enabled, receipt of specially crafted BGP packet causes RPD crash (CVE-2024-39525)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-nexthop-traceoptions-is-enabled-receipt-of-specially-crafted-BGP-packet-causes-RPD-crash-CVE-2024-39525
SSA-438590 V1.0: Buffer Overflow Vulnerability in Siveillance Video Camera Drivers
https://cert-portal.siemens.com/productcert/html/ssa-438590.html
CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2024-9469
CVE-2024-9471 PAN-OS: Privilege Escalation (PE) Vulnerability in XML API (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2024-9471
CVE-2024-9468 PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2024-9468
PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover (Severity: CRITICAL)
https://security.paloaltonetworks.com/PAN-SA-2024-0010
CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2024-9473
PAN-SA-2024-0011 Chromium: Monthly Vulnerability Updates (Severity: HIGH)
https://security.paloaltonetworks.com/PAN-SA-2024-0011
CVE-2024-9470 Cortex XSOAR: Information Disclosure Vulnerability (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2024-9470
PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities in Expedition Lead to Exposure of Firewall Credentials (Severity: CRITICAL)
https://security.paloaltonetworks.com/PAN-SA-2024-0010