CVE-2024-3393 is a high severity Denial of Service (DoS) vulnerability affecting specific versions of Palo Alto Networks PAN-OS DNS Security feature. CyCognito has shared lists of potentially affected assets running PAN-OS with affected customers alongside a notification in-platform.
Read more about Emerging Threat: Palo Alto PAN-OS CVE-2024-3393
CyCognito Blog
Research
Search the Blog
CVE-2024-53677 is a critical (9.5) remote code execution(RCE) vulnerability affecting popular open-source framework Apache Struts. Affected organizations are encouraged to upgrade to Struts 6.4.0 or greater and/or migrate to the new file upload mechanism. This vulnerability is actively being exploited and poses significant danger to enterprise organizations in both the public and private sectors.
Read more about Emerging Threat: Apache Struts CVE-2024-53677CyCognito examined an anonymized set of ecommerce assets collected from November 2023 to October 2024. While there is evidence of better security practices, some basic vulnerabilities and misconfigurations persist. Retailers need to take the time to make sure their ecommerce sites are keeping valuable PII and financial information safe.
Read more about Gift or Grift? How Retailers Can Combat Cyber Threats This SeasonOn November 18, 2024, Palo Alto Networks (PAN) disclosed two serious vulnerabilities in PAN-OS. Chained together, these vulnerabilities create the perfect conditions for pre-authenticated Remote Code Execution (RCE). CyCognito discovery and testing engines actively detect vulnerable assets and all customers have access to an in-platform emerging security issue announcement as of November 20th, 2024.
Read more about Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 & CVE-2024-9474CVE-2024-47575 (FortiJump) is a missing authentication vulnerability affecting critical functions in FortiManager and FortiManager Cloud versions. Approximately 60,000 assets are externally exposed worldwide. All CyCognito customers have access to an in-platform emerging threat announcement and methods to identify potentially vulnerable assets.
Read more about Emerging Threat: FortiJump (CVE-2024-47575)CVE-2024-23113 is a critical (9.8) Fortinet remote code execution (RCE) vulnerability affecting a variety of Fortinet products and versions. CyCognito is investigating active tests for CVE-2024-9463. Users can check if their assets are potentially vulnerable using provided filters in the CyCognito platform.
Read more about Emerging Security Issue: Fortinet FortiOS CVE-2024-23113On September 26, 2024, four critical RCE vulnerabilities were disclosed in components of the open-source printing system CUPS. CyCognito is investigating active detection methods for these vulnerabilities. Users can check if any assets are potentially vulnerable using provided filters in the CyCognito platform.
Read more about Emerging Security Issue: Multiple CUPS VulnerabilitiesOn October 9th, 2024, five vulnerabilities affecting Palo Alto Networks Expedition before version 1.2.96 were disclosed by Palo Alto Networks. These issues include OS command injection, SQL injection, cleartext storage of sensitive data, and reflected XSS vulnerabilities. Though active exploitation has not been reported, CyCognito has released an active test and in-app notification covering these issues due to risks posed by their severity and ease of exploitation.
Read more about Emerging Security Issue: Multiple Palo Alto Networks Expedition PAN-OS Firewalls VulnerabilitiesCVE-2024-7594 is a severe unrestricted authentication issue affecting HashiCorp’s Vault’s SSH secrets engine, specifically Vault Community Edition versions 1.7.7-1.17.5 and Vault Enterprise versions 1.7.7-1.17.5, as well as 1.16.9 and 1.15.14. HashiCorp has released patches for CVE-2024-7594 and organizations can mitigate vulnerable instances by setting the SSH secrets engine valid_principals field to a non-empty value. CyCognito is investigating methods to deploy to actively detect this vulnerability, but more information about this issue is available to users in the CyCognito platform.
Read more about Emerging Security Issue: HashiCorp Vault SSH CVE-2024-7594CVE-2024-28987 is a critical (CVSS v3 score: 9.1) hardcoded credential vulnerability in SolarWinds Web Help Desk (WHD) software. Organizations can patch this vulnerability by upgrading to version 12.8.3 HF2. CyCognito discovery and testing engines actively detect CVE-2024-28987 and customers have access to an in-platform emerging security issue announcement as of September 29th, 2024.
Read more about Emerging Security Issue: SolarWinds Web Help Desk CVE-2024-28987