Posts tagged ‘Unauthenticated Access’

Research

Emerging Threat: Windows LDAP CVE-2024-49113

By Emma Zaballos ・ January 8, 2025

CVE-2024-49113 is a high severity unauthenticated Denial of Service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP). This vulnerability allows attackers to crash any unpatched Windows server with an internet-accessible DNS server by overwhelming a critical internal component of the operating system. Patching is recommended and vulnerable devices should be monitored for potential exploitation attempts.

Research

Emerging Security Issue: SolarWinds Web Help Desk CVE-2024-28987

By Emma Zaballos ・ September 30, 2024

CVE-2024-28987 is a critical (CVSS v3 score: 9.1) hardcoded credential vulnerability in SolarWinds Web Help Desk (WHD) software. Organizations can patch this vulnerability by upgrading to version 12.8.3 HF2. CyCognito discovery and testing engines actively detect CVE-2024-28987 and customers have access to an in-platform emerging security issue announcement as of September 29th, 2024.

What Over 2 Million Assets Reveal About Industry Vulnerability Zohar Venturero July 15, 2025

And The Cloud Goes Wild: Looking at Vulnerabilities in Cloud Assets Emma Zaballos May 20, 2025

Faster Fixes: Solving the Security Testing Trade-off Jason Pappalexis May 19, 2025

Posts tagged ‘Unauthenticated Access’

Search the Blog

Emerging Threat: Windows LDAP CVE-2024-49113

Emerging Security Issue: SolarWinds Web Help Desk CVE-2024-28987