Security Advisories: Jan 06 to Jan 12, 2025

Title: Security Update: Ivanti Connect Secure, Policy Secure and Neurons for ZTA Gateways

Published Date: Jan 08, 2025

Risk Index: 9.17 of 10 (Critical)

Summary: A critical stack-based buffer overflow vulnerability has been identified in Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways. It allows a remote unauthenticated attacker to achieve remote code execution.

If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. It would provide complete control of the affected device, potentially leading to unauthorized data access, system manipulation, denial of service attacks, and further propagation of malware or ransomware within the network.

Title: OS Command Injection Vulnerability

Published Date: Jan 03, 2025

Risk Index: 8.13 of 10 (High)

Summary: Moxa’s cellular routers, secure routers, and network security appliances are affected by a critical vulnerability identified as CVE-2024-9140. This vulnerability allows OS command injection due to improperly restricted commands, potentially enabling attackers to execute arbitrary code.

If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. The consequences include potential system takeover, data breaches, disruption of network operations, and further propagation of attacks within the network, posing severe security risks to both the organization and its clients.

Title: SonicWALL NSv Authentication Bypass Vulnerability

Published Date: Jan 08, 2025

Risk Index: 8.19 of 10 (High)

Summary: A critical vulnerability has been identified in the SSLVPN authentication mechanism of SonicWALL NSv devices and certain other SonicWall firewall products. This vulnerability, registered as CVE-2024-53704, allows a remote attacker to bypass the authentication process.

If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data, potentially execute arbitrary code, and perform unauthorized actions on the affected system. This could lead to data breaches, unauthorized network access, and further exploitation within the network environment.

Title: Remote Desktop Services Remote Code Execution Vulnerability

Published Date: Aug 13, 2019

Risk Index: 8.53 of 10 (High)

Summary: A critical vulnerability has been identified in the Remote Desktop Services component of Microsoft Windows, referred to as CVE-2019-1182. This vulnerability enables an unauthenticated attacker to execute arbitrary code on the targeted system through specially crafted requests sent via RDP (Remote Desktop Protocol). As the vulnerability is pre-authentication and requires no user interaction, it poses a significant threat to the security of affected systems. An attacker leveraging this vulnerability could essentially take full control of the system, potentially installing malicious programs, altering or deleting data, and creating accounts with full user rights.

If successfully exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. Once compromised, the attacker can install and execute malicious programs, view, change, or delete data, or create new accounts with full user rights. Given the pre-authentication nature of the vulnerability, it can severely disrupt the functionality of affected systems, leading to potential denial of service and the spread of ‘wormable’ malware across various systems within a network.

Check out our Vulnerability Notices to keep up to date with the vulnerabilities to watch out for.
