RCE

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration – Go Health Pro

by
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration – Go Health Pro

Nov 12, 2024Ravie LakshmananVirtualization / Vulnerability Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and … Read more

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns – Go Health Pro

by
Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns – Go Health Pro

Nov 09, 2024Ravie LakshmananVulnerability / Network Security Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. “Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management … Read more

14 DrayTek vulnerabilities patched, including max-severity RCE flaw – Go Health Pro

by
14 DrayTek vulnerabilities patched, including max-severity RCE flaw – Go Health Pro

DrayTek patched 14 vulnerabilities affecting 24 of its router models, including a maximum severity buffer overflow flaw that could lead to remote code execution (RCE) or denial-of-service (DoS). The two critical-, nine high- and three medium-severity DrayTek bugs were discovered by Forescout Research’s Vedere Labs and described in a report titled “DRAY:BREAK” published Thursday. Shodan … Read more

Veeam patches 5 vital vulnerabilities, together with unauthenticated RCE flaw – Go Well being Professional

by
Veeam patches 5 vital vulnerabilities, together with unauthenticated RCE flaw – Go Well being Professional

Veeam launched patches for 13 high-severity and 5 vital vulnerabilities, together with one flaw in Veeam Backup & Replication that would result in unauthenticated distant code execution (RCE). The September 2024 Veeam safety bulletin, final up to date Thursday, consists of bugs found in six Veeam merchandise, with CVSS scores starting from 7.3 to 9.9. … Read more

x