menu
techminis

A naukri.com initiative

google-web-stories
source image

Securelist

2w

read

13

img
dot

Image Credit: Securelist

Exploits and vulnerabilities in Q3 2024

  • Q3 2024 saw multiple vulnerabilities discovered in Windows and Linux subsystems that are not standard for cyberattacks.
  • The total number of first-time publications of PoCs for fresh CVEs rose by 2%, which indicates an acceleration in exploit creation.
  • Kaspersky solutions for Windows include vulnerabilities in Microsoft Office, Windows Error Reporting Service, Microsoft Streaming Service Proxy, WinRAR.
  • Kaspersky products detected vulnerabilities in Linux OverlayFS kernel module, Sudo utility command in the system, dynamic loader ld.so, Netfilter subsystem, kernel memory management system and nftables.
  • Vulnerabilities critical for exploitation were more likely than before to be related to operating system subsystems.
  • The ranking of TOP 10 vulnerabilities exploited in APT attacks includes vulnerabilities that grant access to systems running web applications and mail servers.
  • CVE-2024-47177 (CUPS filters) discovered in Linux version of CUPS, a printing toolkit for Unix-like operating systems can be exploited through FoomaticRIPCommandLine.
  • CVE-2024-6387 (regreSSHion) vulnerability caused a stir in Q3 2024; an attack on a system at the very stage when the SSH server receives authentication data.
  • CVE-2024-3183 (Free IPA) provides centralized identity management and authentication for Linux systems. A user with minimal privileges on the network can sniff ticket encryption data and use it to carry out a Kerberoasting attack.
  • CVE-2024-5290 (Ubuntu wpa_supplicant) vulnerability was caused by a misconfigured RPC interface the default setting allowed a regular user to access quite critical functionality.

Read Full Article

like

Like

For uninterrupted reading, download the app