Red Hot Cyber, il blog italiano sulla sicurezza informatica
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Italian Spanish
Search
2nd Edition GlitchZone RHC 320x100 2
970x20 Itcentric

Category: Bug and vulnerability

Critical Vulnerability in MongoDB Compass: CVE-2024-6376 Exposes Systems to Code Injection Risks

Pietro Melillo 08/07/2024

A critical security vulnerability, identified as CVE-2024-6376, has been discovered in MongoDB Compass, a widely-used graphical interface for MongoDB data management. This security flaw could have serious repercussions, including data loss and unauthorized access to systems. Vulnerability Details The vulnerability affects versions of MongoDB Compass prior to 1.42.2. According to the National Vulnerability Database (NVD), the flaw has received a score of 9.8 out of 10 in the Common Vulnerability Scoring System (CVSS), indicating an extremely high risk. This score highlights the severity of the issue and the need for immediate action to mitigate potential damage. Implications of the Vulnerability Exploitation of

Dangerous 0day Windows LPE Vulnerability for Sale in the Underground

Pietro Melillo 07/07/2024

A malicious actor, under the name “tikila”, has posted an advertisement on a hacking forum for the sale of a local privilege escalation (LPE) vulnerability for Windows. According to the post, this vulnerability has been tested and confirmed to work on various versions of Windows, including Windows 10, Windows 11, and several Windows Server versions (2008, 2012, 2016, 2019, 2022). Vulnerability Details The announcement claims that the vulnerability is 100% reliable and does not cause system crashes, ensuring process continuity. The author specifies that the vulnerability has been tested on fully updated and patched systems, implying it might exploit an unknown zero-day

Critical Apache Tomcat Vulnerability CVE-2024-34750 Could Bring Your Server to a Halt!

Raffaela Crisci 05/07/2024

The vulnerability CVE-2024-34750 in Apache Tomcat, as described in the security bulletin AL01/240705/CSIRT-ITA, concerns an issue that can be exploited to overload the server’s computing resources, leading to a Denial of Service (DoS). Apache Tomcat is an open-source server that implements Java Servlet, JavaServer Pages (JSP), and other Java technologies. The vulnerability was discovered directly by the Tomcat security team. Vulnerability Details The vulnerability was identified in the open-source web server Apache Tomcat, developed by the Apache Software Foundation. This security flaw can be exploited by a remote attacker to overload the computing resources of the vulnerable system, thus compromising service availability.

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC

Alessio Stefan 05/07/2024

A severe security vulnerability has been discovered in MSI Center, a widely used software on Windows systems. This flaw, classified as CVE-2024-37726 and with a CVSS score of 7.8 (high), allows a low-privileged attacker to gain complete control of the system. Privilege escalation refers to an attack in which a user with limited privileges gains access with higher privileges, such as those of an administrator, without having the proper authorization. This can allow a malicious user to perform actions that would not normally be allowed. CVE Details By exploiting a flaw in the way MSI Center handles permissions, a malicious actor can manipulate the filesystem and trick the software into

Critical Vulnerabilities in Splunk Enterprise Enable Remote Code Execution

Pietro Melillo 03/07/2024

Splunk, a leading provider of software for searching, monitoring, and analyzing machine-generated big data, has released urgent security updates for its flagship product, Splunk Enterprise. These updates address multiple critical vulnerabilities that pose significant security risks, including the potential for remote code execution (RCE). The affected versions include 9.0.x, 9.1.x, and 9.2.x, and the vulnerabilities were identified by both internal and external security researchers. Key Vulnerabilities Addressed The critical vulnerabilities patched in these updates are as follows: Additional Vulnerabilities In addition to the aforementioned critical issues, several Cross-Site Scripting (XSS) vulnerabilities have been addressed. XSS vulnerabilities allow attackers to inject malicious scripts

OpenSSH: An RCE run as Root puts 14 million instances on Linux at risk

Sandro Sana 02/07/2024

A recent critical vulnerability in OpenSSH, identified as CVE-2024-6387, could allow unauthenticated remote code execution with root privileges on glibc-based Linux systems. This flaw resides in the server component of OpenSSH (sshd) and is due to a race condition in the signal handler. The vulnerability was reintroduced in October 2020 in OpenSSH version 8.5p1, partially fixing an 18-year-old problem (CVE-2006-5051). Details of the Vulnerability The vulnerability affects OpenSSH versions between 8.5p1 and 9.7p1. It allows attackers to execute arbitrary code with elevated privileges, completely compromising the system. This issue is particularly relevant because there are approximately 14 million potentially vulnerable OpenSSH server

Category