October 18, 2024

Weekly Vulnerability Roundup - Week Commencing 14th October 2024

The Precursor Security Weekly Vulnerability Roundup for week commencing 14th October 2024.

Week Summary

This week, EPSS scores show a marked increase in risk across vulnerabilities in various technologies, notably in Microsoft products. These include a privilege escalation flaw in the Microsoft Windows Kernel, which has been added to the CISA KEV list. Overall, the change in EPSS reflects a trend where attackers might target widely used software for greater impact, risking remote code execution and data breaches. Users must apply patches or cease using affected products promptly. Three new vulnerabilities have been added to the CISA KEV list.

Want to receive this report right to your inbox every Friday? Enter your email address here to sign up: https://marketing.precursorsecurity.com/weekly-vulnerability-report/

Affected Technologies Summary

  • CVE-2024-9463 - Palo Alto Networks Expedition
  • CVE-2023-6063 - WP Fastest Cache WordPress plugin
  • CVE-2016-8610 - OpenSSL
  • CVE-2024-9465 - Palo Alto Networks Expedition
  • CVE-2018-19864 - NUUO NVRmini2 Network Video Recorder
  • CVE-2006-3014 - Microsoft Excel
  • CVE-2013-6749 - IBM Lotus Quickr
  • CVE-2013-6748 - IBM Lotus Quickr for Domino 8.5.1
  • CVE-2011-0346 - Microsoft Internet Explorer 6, 7, 8
  • CVE-2023-41763 - Skype for Business
  • CVE-2021-31206 - Microsoft Exchange Server
  • CVE-2020-14864 - Oracle Fusion Middleware
  • CVE-2023-30805 - Sangfor Next-Gen Application Firewall
  • CVE-2023-30806 - Sangfor Next-Gen Application Firewall NGAF8.0.17
  • CVE-2007-5351 - Microsoft Windows Vista
  • CVE-2024-28987 - SolarWinds Web Help Desk
  • CVE-2024-30088 - Microsoft Windows Kernel
  • CVE-2024-9680 - Mozilla Firefox, Firefox ESR

CVE-2024-9463

EPSS Increase Delta: 73.52%

Original Score: 0.04%

Affected Technology: Palo Alto Networks Expedition

Is New CISA Known Exploited Vulnerability: False

EPSS increased significantly by 73.52%, indicating a higher risk. An OS command injection in Palo Alto Networks Expedition lets unauthenticated attackers execute arbitrary commands as root, compromising usernames, plaintext passwords, configurations, and API keys of PAN-OS firewalls. There are no specified remediations from the NVD at this time.

CVE-2023-6063

EPSS Increase Delta: 29.60%

Original Score: 14.54%

Affected Technology: WP Fastest Cache WordPress plugin

Is New CISA Known Exploited Vulnerability: False

The EPSS score increased by 29.60% to 44.14%. The WP Fastest Cache WordPress plugin before version 1.2.2 is vulnerable to a SQL injection due to improper sanitisation and escape of a parameter, with exploitation possible by unauthenticated users. It's recommended to update to the latest version to mitigate this vulnerability.

CVE-2016-8610

EPSS Increase Delta: 25.62%

Original Score: 26.97%

Affected Technology: OpenSSL

Is New CISA Known Exploited Vulnerability: False

EPSS increased from 26.97% to 52.59%, indicating a higher risk level. The vulnerability affects OpenSSL and can be exploited to perform a denial of service attack by sending multiple malformed ALERT packets during a handshake, making the server unresponsive. Upgrade to a patched OpenSSL version to mitigate this issue.

CVE-2024-9465

EPSS Increase Delta: 18.10%

Original Score: 0.04%

Affected Technology: Palo Alto Networks Expedition

Is New CISA Known Exploited Vulnerability: False

The vulnerability CVE-2024-9465 has undergone a significant increase in risk, with the EPSS delta rising to 18.10% from an original likelihood of 0.04%. The critical flaw pertains to Palo Alto Networks Expedition, where an SQL injection vulnerability allows an unauthenticated attacker to extract sensitive data and potentially write arbitrary files. Immediate patching is advised.

CVE-2018-19864

EPSS Increase Delta: 15.51%

Original Score: 18.34%

Affected Technology: NUUO NVRmini2 Network Video Recorder

Is New CISA Known Exploited Vulnerability: False

The EPSS score for CVE-2018-19864 has seen an increase of 15.51%, moving from an initial score of 18.34% to 33.85%. This vulnerability in NUUO NVRmini2 Network Video Recorder firmware versions up to 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service via a buffer overflow. This could lead to unauthorized access to camera feeds or reconfiguration of the device. There is no directed remediation information, but users should consider updating to a non-vulnerable version if available.

CVE-2006-3014

EPSS Increase Delta: 14.85%

Original Score: 58.30%

Affected Technology: Microsoft Excel

Is New CISA Known Exploited Vulnerability: False

EPSS has increased by 14.85%, going from an original 58.30% to a current 73.15%. This reflects growing concern around the vulnerability in Microsoft Excel, which could allow attackers to force Excel to execute arbitrary JavaScript and redirect users to malicious sites.

CVE-2013-6749

EPSS Increase Delta: 14.54%

Original Score: 20.19%

Affected Technology: IBM Lotus Quickr

Is New CISA Known Exploited Vulnerability: False

The EPSS score increased from 20.19% to 34.73%, a delta of 14.54%. This vulnerability is a buffer overflow in the ActiveX control of IBM Lotus Quickr for Domino 8.5.1 before version 8.5.1.42-001b. It could allow remote attackers to execute arbitrary code via a crafted HTML document. It is distinct from CVE-2013-6748. Users should update to a non-affected version to remediate.

CVE-2013-6748

EPSS Increase Delta: 14.54%

Original Score: 20.19%

Affected Technology: IBM Lotus Quickr for Domino 8.5.1

Is New CISA Known Exploited Vulnerability: False

The EPSS score increased from 20.19% to 34.73%, a delta of 14.54%. A critical buffer overflow was found in IBM Lotus Quickr for Domino 8.5.1 before version 8.5.1.42-001b. Attackers can exploit this by convincing a user to open a malicious HTML document, leading to potential remote code execution. This is separate from CVE-2013-6749. Users should update to version 8.5.1.42-001b or later.

CVE-2011-0346

EPSS Increase Delta: 13.54%

Original Score: 56.27%

Affected Technology: Microsoft Internet Explorer 6, 7, 8

Is New CISA Known Exploited Vulnerability: False

EPSS has increased by 13.54%, now at 69.81% from originally being at 56.27%. The vulnerability concerns a use-after-free issue in the MSHTML.DLL of Internet Explorer versions 6 through 8. Remote attackers could run arbitrary code or crash the application through certain manipulations of the DOM and associated functions. No immediate remediation details are provided.

CVE-2023-41763

EPSS Increase Delta: 12.99%

Original Score: 59.82%

Affected Technology: Skype for Business

Is New CISA Known Exploited Vulnerability: False

The EPSS score for CVE-2023-41763 has risen by 12.99%, indicating increased attention to this threat and potentially higher risk of exploitation. This vulnerability exists in Skype for Business and could potentially allow an attacker to gain elevated privileges within the system. To best mitigate this threat, updating the affected software with the latest security patches released by the vendor is advised.

CVE-2021-31206

EPSS Increase Delta: 12.82%

Original Score: 48.09%

Affected Technology: Microsoft Exchange Server

Is New CISA Known Exploited Vulnerability: False

EPSS has increased from 48.09% to 60.91%, marking a delta of 12.82%. This vulnerability is identified as a Microsoft Exchange Server Remote Code Execution issue, which could allow an attacker to perform arbitrary code execution. Immediate patching is recommended.

CVE-2020-14864

EPSS Increase Delta: 11.94%

Original Score: 57.38%

Affected Technology: Oracle Fusion Middleware

Is New CISA Known Exploited Vulnerability: False

EPSS has increased from 57.38% to 69.31%, indicating a higher risk of exploitability. This vulnerability resides in Oracle Business Intelligence Enterprise Edition, specifically within the Installation component of Oracle Fusion Middleware. Affected versions are 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0. An unauthenticated attacker could potentially exploit this flaw over HTTP to gain unauthorized access to critical or all accessible data. To address this issue, administrators are urged to apply the necessary patches or updates provided by Oracle.

CVE-2023-30805

EPSS Increase Delta: 10.77%

Original Score: 9.91%

Affected Technology: Sangfor Next-Gen Application Firewall

Is New CISA Known Exploited Vulnerability: False

The EPSS score for CVE-2023-30805 has increased significantly, from 9.91% to 20.68%, a change of 10.77%. This vulnerability impacts the Sangfor Next-Gen Application Firewall version NGAF8.0.17, allowing remote, unauthenticated attackers to execute arbitrary commands via a crafted HTTP POST request to the /LogInOut.php endpoint. This results from improper handling of shell meta-characters in the 'un' parameter. Immediate patching is advised to mitigate this risk.

CVE-2023-30806

EPSS Increase Delta: 10.77%

Original Score: 9.91%

Affected Technology: Sangfor Next-Gen Application Firewall NGAF8.0.17

Is New CISA Known Exploited Vulnerability: False

EPSS increased from 9.91% to 20.68%, an uptick of 10.77%. The vulnerability resides in the Sangfor Next-Gen Application Firewall version NGAF8.0.17, where an attacker can inject and execute arbitrary commands through a malformed HTTP POST request targeting the /cgi-bin/login.cgi endpoint. The flaw stems from improper handling of shell meta-characters within the PHPSESSID cookie. Users should apply any provided patches or follow vendor mitigation instructions promptly to secure their systems against potential exploitation.

CVE-2007-5351

EPSS Increase Delta: 10.12%

Original Score: 65.09%

Affected Technology: Microsoft Windows Vista

Is New CISA Known Exploited Vulnerability: False

This week, we observed a 10.12% increase in the EPSS (Exploit Prediction Scoring System) score for CVE-2007-5351, signaling a heightened risk profile. The vulnerability itself pertains to unspecified flaws in the SMBv2 signing support on Windows Vista. Attackers can exploit this by sending a specially crafted SMBv2 packet, causing signature re-computation and potentially leading to arbitrary code execution. Users are advised to apply any available patches or follow vendor recommendations to mitigate this issue.

CVE-2024-28987

EPSS Increase Delta: 3.09%

Original Score: 94.16%

Affected Technology: SolarWinds Web Help Desk

Is New CISA Known Exploited Vulnerability: True

The EPSS score for CVE-2024-28987 increased by 3.09%, signaling a heightened risk. This vulnerability affects SolarWinds Web Help Desk, involving hardcoded credentials that grant unauthenticated and remote access with potential data modification capabilities. Mitigation involves following vendor instructions or ceasing product use if no solutions are available. It was added to the CISA KEV list.

CVE-2024-30088

EPSS Increase Delta: 38.10%

Original Score: 0.04%

Affected Technology: Microsoft Windows Kernel

Is New CISA Known Exploited Vulnerability: True

The EPSS score has risen sharply from 0.04% to 0.42%, a delta of 38.10%, indicating a significantly increased risk. A TOCTOU race condition in the Microsoft Windows Kernel creates a privilege escalation vulnerability that attackers could exploit. CISA has added this to the KEV list, emphasizing the need for immediate attention to apply necessary mitigations or to discontinue use if there is no remedy.

CVE-2024-9680

EPSS Increase Delta: 25.30%

Original Score: 0.04%

Affected Technology: Mozilla Firefox, Firefox ESR

Is New CISA Known Exploited Vulnerability: True

The EPSS increase for CVE-2024-9680 indicates a notable rise from 0.04% to 25.34%, revealing a heightened risk since initial assessment. Mozilla Firefox and Firefox ESR suffer from a use-after-free vulnerability within Animation timelines, potentially leading to code execution in the content process. Immediate remediation is advised either by implementing vendor-supplied mitigations or ceasing product usage if no fixes are offered. This has been newly added to the CISA Known Exploited Vulnerability list.

Written by

Precursor Security
