Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Bug and vulnerability

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC

A severe security vulnerability has been discovered in MSI Center, a widely used application on Windows systems. This flaw, tracked as CVE-2024-37726 with a CVSS score of 7.8 (high), allows a low-privileged attacker to gain complete control of the system. Privilege escalation refers to an attack in which a user with limited privileges gains higher privileges, such as those of an administrator, without proper authorization. This can allow a malicious user to perform actions that would not normally be allowed.

CVE Details

By exploiting a flaw in the way MSI Center handles permissions, a malicious actor can manipulate the filesystem and trick the software into

Critical Vulnerabilities in Splunk Enterprise Enable Remote Code Execution

Splunk, a leading provider of software for searching, monitoring, and analyzing machine-generated big data, has released urgent security updates for its flagship product, Splunk Enterprise. These updates address multiple critical vulnerabilities that pose significant security risks, including the potential for remote code execution (RCE). The affected versions include 9.0.x, 9.1.x, and 9.2.x, and the vulnerabilities were identified by both internal and external security researchers.

Key Vulnerabilities Addressed

The critical vulnerabilities patched in these updates are as follows:

Additional Vulnerabilities

In addition to the aforementioned critical issues, several Cross-Site Scripting (XSS) vulnerabilities have been addressed. XSS vulnerabilities allow attackers to inject malicious scripts

OpenSSH: An RCE run as Root puts 14 million instances on Linux at risk

A recent critical vulnerability in OpenSSH, identified as CVE-2024-6387, could allow unauthenticated remote code execution with root privileges on glibc-based Linux systems. This flaw resides in the server component of OpenSSH (sshd) and is due to a race condition in the signal handler. The vulnerability was reintroduced in October 2020 in OpenSSH version 8.5p1, partially fixing an 18-year-old problem (CVE-2006-5051).

Details of the Vulnerability

The vulnerability affects OpenSSH versions between 8.5p1 and 9.7p1. It allows attackers to execute arbitrary code with elevated privileges, completely compromising the system. This issue is particularly relevant because there are approximately 14 million potentially vulnerable OpenSSH server