Microsoft has reported that North Korean hacking groups Lazarus and Andariel are exploiting a critical flaw, CVE-2023-42793, in TeamCity servers to deploy backdoor malware. North Korean Hacking Groups Exploit TeamCity Vulnerability to Breach Networks Researchers from LeakIX, using the indicators of compromise (IOCs) released by Cisco Talos, discovered approximately 30,000 Cisco IOS XE devices that have been compromised by exploiting the CVE-2023-20198 vulnerability. Massive Cyberattack Targets Cisco IOS XE Devices Through CVE-2023-20198 Exploitation The attacker can then use that account to gain control of the affected device. 20, 2023 CISA Known Exploited VulnerabilitiesĬisco IOS XE contains a command injection vulnerability in the web user interface that could allow a remote, authenticated attacker to inject commands that can be executed as the root user.Ĭitrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.Ĭisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |