The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added new vulnerabilities to its list of actively exploited flaws, as first noticed by BleepingComputer.
CISA's actions basically serve as a warning to U.S. federal agencies about vulnerabilities currently being exploited in the wild.
One vulnerability being tracked, CVE-2023-20118, allows hackers to remotely "execute arbitrary commands" on certain VPN routers. These routers include Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325.
"An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface," CISA wrote. "A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data."
To exploit this vulnerability, an attacker would need admin credentials. However, as BleepingComputer points out, hackers could use another vulnerability, CVE-2023-20025, to bypass authentication.
Another vulnerability added by CISA is CVE-2018-8639. This bug affects a broad swath of Windows operating systems including Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, and Windows 10 Servers.
According to CISA, this vulnerability "exists in Windows when the Win32k component fails to properly handle objects in memory." A bad actor with local access to the vulnerable system can exploit it to run arbitrary code in kernel mode. BleepingComputer reports that a bad actor could use this vulnerability to "alter data or create rogue accounts with full user rights to take over vulnerable Windows devices."
Microsoft and Cisco have not yet released their own security warning regarding these two exploits.