The Lena Paul - The Next MorningU.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added new exploits to its actively exploited list, as first noticed by BleepingComputer.
CISA's actions basically serve as a warning to U.S. federal agencies about vulnerabilities currently being exploited in the wild.
One exploit being tracked, CVE-2023-20118, allows hackers to remotely "execute arbitrary commands" on certain VPN routers. These routers include Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325.
"An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface," CISA wrote. "A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data."
In order to take advantage of this exploit, an attacker would need admin credentials. However, as BleepingComputer points out, hackers could take advantage of another vulnerability, CVE-2023-20025, in order to bypass authentication.
Another vulnerability added by CISA is CVE-2018-8639. This bug affects a broad swath of Windows operating systems including Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, and Windows 10 Servers.
According to CISA, this vulnerability "exists in Windows when the Win32k component fails to properly handle objects in memory." A bad actor with local access to the vulnerable system can utilize the exploit to run arbitrary code in kernel mode. BleepingComputer reports that a bad actor could use this vulnerability to "alter data or create rogue accounts with full user rights to take over vulnerable Windows devices."
Microsoft and Cisco have not yet released their own security warning regarding these two exploits.
Topics Cybersecurity
Best Soundcore by Anker Space A40 earbuds deal: Save $35 at Amazon
OnePlus 7 Pro has a 6.7
Facebook warns advertisers: You might not like 'clear history'
Here's why San Francisco's vote to ban facial
Best AirPods deal: Apple AirPods 4 for $99.99 at Amazon
What Apple's Supreme Court case means for the future of the App Store
Syrian girl who received Harry Potter books is 'trapped' after bombing
Trump's victory is driving the youth of America to fight back
The Portable Workstation: Dell XPS 13 + 32 UltraSharp 4K Monitor
Uber tests out no
Then and Now: Six Generations of $200 Mainstream Radeon GPUs Compared
What to buy for the person in your life whose only interest is Kylie Jenner's lips
Teen decorates grad cap with QR code that honors those killed in school shootings
Pottermore and Warner Bros. announce joint Wizarding World website
Cyberattack on healthcare chain exposes sensitive data of 5.6 million patients
Everything you need to know about Global Accessibility Awareness Day
Facebook rolls out 'one strike' policy for live
Syrian girl who received Harry Potter books is 'trapped' after bombing
Shop iPad deals during Best Buy's Apple savings event
Donald Trump has unveiled his new presidential hat to the world
Lizzo synced up perfectly to Disney's classic 'The Aristocats'Prince Harry walks through Angola minefield 22 years after Princess Diana did the sameUber buries its ride map to put Uber Eats front and center4chan trolling turned the OK sign into a symbol of hateConfessions of a Tinder Tourist: The rules of rightThe White House just brutally burned Australia's Prime MinisterLizzo synced up perfectly to Disney's classic 'The Aristocats'Selena Gomez opens up about her aunt immigrating to the U.S. 'in the back of a truck'Facebook is thinking about removing like counts'The Simpsons' foretold Lady Gaga's entire Super Bowl performance years agoMassive DoorDash hack exposes millions of customers' personal dataElon Musk throws subtle shade at Trump over travel banHeartwarming video shows boy with Down syndrome dancing to 'Born This Way''Untitled Goose Game' has everyone living their best chaotic livesThoughtful dad sends flowers not to his wife, but to his dogSexy Mr. Clean just turned on everyone watching the Super BowlWe need to talk about public EV charging etiquetteTesla has figured out a way to efficiently warm (and cool) your buttScore up to 50% off during this huge AllSaints salePowerful magazine covers depict America after Trump's immigration ban Giants vs. Texans livestream: How to watch the NFL preseason for free Best charger deal: Get the Anker 735 charger for just $30 at Amazon Chicago Sky vs. Connecticut Sun 2024 livestream: Watch live WNBA Lions vs. Chiefs livestream: How to watch the NFL preseason for free Lille vs. Slavia Prague 2024 livestream: Watch Champions League for free Wordle today: The answer and hints for August 19 Apple Podcasts are now available on the web Best free AI and ChatGPT courses TikTok crowns 'Million Dollar Baby' its song of the summer: See the full list Wordle today: The answer and hints for August 20 Free daily crosswords, mahjong, Sudoku, solitaire, and more: Games are coming to Mashable NYT Strands hints, answers for August 20 Donald Trump posts AI image to attack Kamala Harris Rugby Championship 2024 livestream: How to watch Rugby Championship for free Best Shark deals this week: Save up to $100 on a robot vacuum, air purifier, and more Best iPad deal: 9th Generation iPad lowest price Packers vs. Broncos livestream: How to watch the NFL preseason for free NYT Strands hints, answers for August 17 Young Boys vs. Galatasaray 2024 livestream: Watch Champions League for free Best earbud deal: Get a pair of Amazon Echo Buds for just $54.99
1.7843s , 8207.4453125 kb
Copyright © 2025 Powered by 【Lena Paul - The Next Morning】,Evergreen Information Network