A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. What’s more, it is already being leveraged by malware developers. About the flaw and the exploit Abdelhamid Naceri, who reported the flaw through the Trend Micro Zero Day…

Successful exploitation of these vulnerabilities could allow attackers to cause a denial of service (DoS) condition, execute arbitrary commands as root, or elevate privileges. Two high-severity issues (CVE-2021-34779, CVE-2021-34780) were found in the Link Layer Discovery Protocol (LLDP) implementation for Small Business 220 series smart switches, leading to the execution of arbitrary code and a…

The affected tool is R-SeeNet, which is designed to help network administrators monitor their Advantech routers. Talos researchers discovered that R-SeeNet is affected by seven vulnerabilities, a majority of which have been assigned a critical severity rating. An attacker can exploit the vulnerabilities to execute arbitrary JavaScript code in the targeted user’s browser by getting…

Reports of in-the-wild exploitation emerged shortly after cybersecurity firm Positive Technologies released a proof-of-concept (PoC) exploit for the vulnerability tracked as CVE-2020-3580. Others also released PoC exploits shortly after. CVE-2020-3580 is one of the several XSS vulnerabilities patched in October 2020 by Cisco in its ASA and FTD products. Some of these flaws were reported…

Cisco describes Smart Install as a plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. Smart Install can be very useful for organizations, but it can also pose a serious security risk. Once a device has been set up through Smart Install, the feature remains enabled and it can be accessed without…

SMB, which stands for Server Message Block, is a protocol for sharing files, printers, and serial ports. Apple’s own SMB stack is called SMBX. Talos disclosed seven vulnerabilities found in SMBX server components and also detailed the process it used to identify them. One of the security holes was fixed silently by Apple, one was…

Cisco today confirmed plans to acquire Kenna Security, provider of vulnerability management technology, with plans to integrate its capabilities into the SecureX platform. Kenna Security’s technology uses machine learning to analyze threat data and identify which risks organizations should prioritize – a useful technology to have at a time when organizations are struggling with a…

Two critical vulnerabilities were patched in the SD-WAN vManage software, alongside three high-severity issues. The bugs are not dependent on one another and their exploitation doesn’t require exploitation of the others. One of the critical flaws (CVE-2021-1468, CVSS score 9.8) could allow unauthenticated, remote attackers to call privileged actions and even create new administrative accounts,…

Tracked as CVE-2021-1448 and having a CVSS score of 7.8, the command injection bug is mitigated by the fact that authentication and local access are required for successful exploitation. An attacker able to abuse it, however, may execute arbitrary commands as root on the underlying OS. The flaw exists because user-supplied command arguments aren’t sufficiently…