Cybersecurity Alerts

Actively Exploited Vulnerabilities

The vulnerabilities listed below are sourced from the CISA Known Exploited Vulnerabilities catalog and represent security flaws that are actively being exploited in the wild. This list is updated daily. If you are unsure whether your systems are affected, contact us and we will help you assess your exposure.

CVE-2023-23397
Microsoft | Office
Microsoft Office Outlook Privilege Escalation Vulnerability
Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.
Added 2023-03-14
Remediation Deadline 2023-04-04
CVE-2022-41328
Fortinet | FortiOS
Fortinet FortiOS Path Traversal Vulnerability
Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.
Added 2023-03-14
Remediation Deadline 2023-04-04
CVE-2021-39144
XStream | XStream
XStream Remote Code Execution Vulnerability
XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.
Added 2023-03-10
Remediation Deadline 2023-03-31
CVE-2020-5741
Plex | Media Server
Plex Media Server Remote Code Execution Vulnerability
Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.
Added 2023-03-10
Remediation Deadline 2023-03-31
CVE-2022-35914
Teclib | GLPI
Teclib GLPI Remote Code Execution Vulnerability
Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.
Added 2023-03-07
Remediation Deadline 2023-03-28
CVE-2022-33891
Apache | Spark
Apache Spark Command Injection Vulnerability
Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.
Added 2023-03-07
Remediation Deadline 2023-03-28
CVE-2022-28810
Zoho | ManageEngine
Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.
Added 2023-03-07
Remediation Deadline 2023-03-28
CVE-2022-36537Active Ransomware Campaign
ZK Framework | AuUploader
ZK Framework AuUploader Unspecified Vulnerability
ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.
Added 2023-02-27
Remediation Deadline 2023-03-20
CVE-2022-47986Active Ransomware Campaign
IBM | Aspera Faspex
IBM Aspera Faspex Code Execution Vulnerability
IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.
Added 2023-02-21
Remediation Deadline 2023-03-14
CVE-2022-41223Active Ransomware Campaign
Mitel | MiVoice Connect
Mitel MiVoice Connect Code Injection Vulnerability
The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.
Added 2023-02-21
Remediation Deadline 2023-03-14
CVE-2022-40765Active Ransomware Campaign
Mitel | MiVoice Connect
Mitel MiVoice Connect Command Injection Vulnerability
The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.
Added 2023-02-21
Remediation Deadline 2023-03-14
CVE-2022-46169
Cacti | Cacti
Cacti Command Injection Vulnerability
Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.
Added 2023-02-16
Remediation Deadline 2023-03-09
CVE-2023-23529
Apple | Multiple Products
Apple Multiple Products WebKit Type Confusion Vulnerability
Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Added 2023-02-14
Remediation Deadline 2023-03-07
CVE-2023-23376Active Ransomware Campaign
Microsoft | Windows
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added 2023-02-14
Remediation Deadline 2023-03-07
CVE-2023-21823
Microsoft | Windows
Microsoft Windows Graphic Component Privilege Escalation Vulnerability
Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.
Added 2023-02-14
Remediation Deadline 2023-03-07
CVE-2023-21715
Microsoft | Office
Microsoft Office Publisher Security Feature Bypass Vulnerability
Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.
Added 2023-02-14
Remediation Deadline 2023-03-07
CVE-2023-0669Active Ransomware Campaign
Fortra | GoAnywhere MFT
Fortra GoAnywhere MFT Remote Code Execution Vulnerability
Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.
Added 2023-02-10
Remediation Deadline 2023-03-03
CVE-2022-24990Active Ransomware Campaign
TerraMaster | TerraMaster OS
TerraMaster OS Remote Command Execution Vulnerability
TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint.
Added 2023-02-10
Remediation Deadline 2023-03-03
CVE-2015-2291Active Ransomware Campaign
Intel | Ethernet Diagnostics Driver for Windows
Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability
Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service (DoS).
Added 2023-02-10
Remediation Deadline 2023-03-03
CVE-2023-22952
SugarCRM | Multiple Products
Multiple SugarCRM Products Remote Code Execution Vulnerability
Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.
Added 2023-02-02
Remediation Deadline 2023-02-23
CVE-2022-21587Active Ransomware Campaign
Oracle | E-Business Suite
Oracle E-Business Suite Unspecified Vulnerability
Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.
Added 2023-02-02
Remediation Deadline 2023-02-23
CVE-2017-11357Active Ransomware Campaign
Telerik | User Interface (UI) for ASP.NET AJAX
Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability
Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.
Added 2023-01-26
Remediation Deadline 2023-02-16
CVE-2022-47966Active Ransomware Campaign
Zoho | ManageEngine
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.
Added 2023-01-23
Remediation Deadline 2023-02-13
CVE-2022-44877
CWP | Control Web Panel
CWP Control Web Panel OS Command Injection Vulnerability
CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.
Added 2023-01-17
Remediation Deadline 2023-02-07
CVE-2023-21674
Microsoft | Windows
Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability
Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.
Added 2023-01-10
Remediation Deadline 2023-01-31
CVE-2022-41080Active Ransomware Campaign
Microsoft | Exchange Server
Microsoft Exchange Server Privilege Escalation Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.
Added 2023-01-10
Remediation Deadline 2023-01-31
CVE-2018-5430
TIBCO | JasperReports
TIBCO JasperReports Server Information Disclosure Vulnerability
TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.
Added 2022-12-29
Remediation Deadline 2023-01-19
CVE-2018-18809
TIBCO | JasperReports
TIBCO JasperReports Library Directory Traversal Vulnerability
TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.
Added 2022-12-29
Remediation Deadline 2023-01-19
CVE-2022-42856
Apple | iOS
Apple iOS Type Confusion Vulnerability
Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.
Added 2022-12-14
Remediation Deadline 2023-01-04
CVE-2022-44698Active Ransomware Campaign
Microsoft | Defender
Microsoft Defender SmartScreen Security Feature Bypass Vulnerability
Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.
Added 2022-12-13
Remediation Deadline 2023-01-03