0-day and Hitlist Week 06-12-2024
Three notable 0-days have either been disclosed or are seeing limited exploitation:
Zyxel NAS326/VPN Series – Pre-auth Command Injection
Google Chrome (V8 Engine Type Confusion)
These vulnerabilities have been confirmed as being exploited in the wild by vendors or CISA. Immediate patching is recommended.
CVE: CVE-2024-4577
Status: Wormable
This vulnerability affects Windows-based PHP installations. Attackers are exploiting the cgi.force_redirect configuration bypass to execute arbitrary code.
This week has seen a shift in focus from mass exploitation to targeted supply chain chaining. The "Hitlist" (assets being actively prepped for exploitation by ransomware groups) shows a 40% increase in scanning against edge network devices compared to last week.
CVE: CVE-2023-22527
Status: Explosion in Activity
Despite being disclosed in early 2024, scanning for this template injection vulnerability has spiked by 300% this week. Ransomware groups are specifically targeting unpatched Confluence instances to deploy encryptors.
CVE: CVE-2024-24919
Severity: High
Check Point disclosed a vulnerability in their Security Gateways that allows unauthenticated remote attackers to read arbitrary files.