CVE-2024-6342

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Published: Sep 10, 2024 / Updated: 2mo ago

VulnCheck Initial Access Intelligence equips organizations and security teams with detection artifacts including Suricata signatures, YARA rules, PCAPs, and private exploit PoCs to defend against initial access vulnerabilities that are either already being exploited or likely to be exploited soon. In September 2024, VulnCheck crossed 290+ Initial Access Intelligence (IAI) artifacts, developing artifacts for 16 CVEs, covering 14 different vendors and products.

Recent vulnerability news disclosed significant endpoint vulnerabilities, including side-channel attacks, command injection, remote code execution (RCE), SQL injection, and keystroke interference. Notable events last week include the RAMBO attack, command injection problems in Progress Software’s LoadMaster, and several zero-day vulnerabilities in Microsoft products that may cause privilege escalation and RCE.

IT Security News Daily Summary 2024-09-15 USENIX Security ’23 – Multiview: Finding Blind Spots in Access-Deny Issues Diagnosis Fortifying The Digital Frontier: Everyday Habits That Shape Your Company’s Cybersecurity Posture YARA-X’s Dump Command, (Sun, Sep 15th) Port of Seattle shares ransomware attack details Ford’s Latest Patent: A Step Toward High-Tech Advertising or Privacy Invasion? TrickMo Android Trojan Abuses Accessibility Services for On-Device Financial Scam Combating Telecom Fraud: Trai and DoT’s Joint Effort Against Spam Calls Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack Global Cybercrime Syndicate Falls in Singapore’s Largest-Ever Police Raid Florida Healthcare Data Leak Exposes Thousands of Doctors and Hospitals SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11 Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days Games Box – 1,439,354 breached accounts Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION Upcoming Speaking Engagements YARA 4.5.2 Release, (Sat, Sep 14th) IT Security News Daily Summary 2024-09-14 CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe USENIX Security ’23 – On the Feasibility of Malware Unpacking via Hardware-assisted Loop Profiling RansomHub Ransomware: Exploiting Trusted Tools to Evade Detection U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog Ransomware Actors Refused to Provide Decryptor Even After Recieving Ransom Payment London’s Transit System Suffers Through Prolonged Cyberattack; Data Security a Concern Cryptocurrency Scams Surge in 2023, FBI Reports Record $5.6 Billion in Losses A Creative Trick Makes ChatGPT Spit Out Bomb-Making Instructions A new path for Kyber on the web NoName Hackers Use RansomHub in Recent Cyber Campaigns Ivanti Cloud Service Appliance flaw is being actively exploited in the wild Security News This Week: A Creative Trick Makes ChatGPT Spit Out Bomb-Making Instructions GitLab Warns of Critical Pipeline Execution Vulnerability How an Asset Inventory Improves The Five Essential Steps of a Risk Management Program Fileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw SquareX:

In this Help Net Security interview, John Hernandez, President and General Manager at Quest Software, shares practical advice for enhancing cybersecurity resilience against advanced threats. CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data.

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. Ivanti said it has found no evidence of the flaws being exploited in the wild as a zero-day, but it’s essential that users update to the latest version to safeguard against potential threats.