CVE Spotlight
Latest security vulnerabilities affecting Australian businesses
Microsoft Exchange Server Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Exchange Server when the software fails to properly validate input.
Impact
An unauthenticated attacker could execute arbitrary code on the Exchange server.
Mitigation
Apply January 2025 Exchange Server security updates immediately
Cisco ASA SSL VPN Authentication Bypass
An authentication bypass vulnerability in Cisco ASA SSL VPN allows unauthenticated access.
Impact
Remote unauthenticated attackers can bypass authentication and gain VPN access.
Mitigation
Upgrade to ASA software version 9.18.4.47 or later
VMware vSphere Client Privilege Escalation
A privilege escalation vulnerability in VMware vSphere Client allows authenticated users to gain administrative privileges.
Impact
Authenticated users with limited privileges can escalate to full administrative access.
Mitigation
Apply VMware security advisory VMSA-2025-0001
Jenkins Remote Code Execution via Plugin
A remote code execution vulnerability in Jenkins core allows arbitrary code execution.
Impact
Authenticated attackers can execute arbitrary code on Jenkins servers.
Mitigation
Update to Jenkins 2.426.2 LTS or 2.470 weekly or later
Apache Struts Remote Code Execution
A remote code execution vulnerability exists in Apache Struts when processing file uploads.
Impact
Remote attackers can execute arbitrary code on vulnerable Struts applications.
Mitigation
Update to Apache Struts 2.5.33 or 6.3.0.2 or later
Microsoft Teams Remote Code Execution
A remote code execution vulnerability exists in Microsoft Teams when the application fails to properly sanitize input.
Impact
An attacker could execute arbitrary code in the context of the current user.
Mitigation
Update to Microsoft Teams version 1.7.00.26062 or later
SolarWinds Orion Platform SQL Injection
An SQL injection vulnerability in SolarWinds Orion Platform allows unauthorized database access.
Impact
Authenticated attackers can extract sensitive information from the Orion database.
Mitigation
Apply SolarWinds security hotfix 2025.3.1 or later
Windows TCP/IP Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the Windows TCP/IP stack.
Impact
An unauthenticated attacker could send specially crafted IPv6 packets to cause remote code execution.
Mitigation
Apply August 2024 Windows security updates immediately
Windows MSHTML Platform Spoofing Vulnerability
A spoofing vulnerability exists in Windows MSHTML Platform when it improperly validates input.
Impact
An attacker could exploit this vulnerability to spoof content, perform phishing attacks, or redirect users.
Mitigation
Install July 2024 Windows security updates
Windows Remote Desktop Licensing Service Remote Code Execution
A remote code execution vulnerability exists in Windows Remote Desktop Licensing Service.
Impact
An unauthenticated attacker could send a specially crafted request to execute arbitrary code.
Mitigation
Apply July 2024 Windows security updates and restrict RDS access
Palo Alto Networks Expedition SQL Injection
An SQL injection vulnerability in Palo Alto Networks Expedition allows unauthenticated attackers to reveal usernames, passwords, device configurations, and device API keys.
Impact
Complete compromise of Expedition tool and connected firewall configurations.
Mitigation
Update to Expedition 1.2.96 or later and reset all credentials
Atlassian Confluence Data Center Remote Code Execution
Improper neutralization of special elements used in an OS command in Confluence Data Center and Server.
Impact
Unauthenticated attackers can execute arbitrary system commands on the server.
Mitigation
Update to Confluence 8.5.8, 8.9.1, or later versions immediately
VMware ESXi Authentication Bypass
An authentication bypass vulnerability affecting VMware ESXi, Workstation, and Fusion products.
Impact
A malicious actor with sufficient Active Directory permissions can gain full access to an ESXi host.
Mitigation
Apply VMware security updates VMSA-2024-0012
Microsoft Windows Scripting Engine Memory Corruption
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft browsers.
Impact
An attacker could corrupt memory in a way that enables arbitrary code execution in the context of the current user.
Mitigation
Install August 2024 Windows and Internet Explorer security updates
Google Chrome Type Confusion Vulnerability
Type confusion vulnerability in V8 JavaScript engine in Google Chrome prior to version 125.0.6422.60.
Impact
Remote attackers could potentially exploit heap corruption via a crafted HTML page.
Mitigation
Update to Chrome version 125.0.6422.60 or later
Windows File Explorer Remote Code Execution
A remote code execution vulnerability exists when Windows File Explorer improperly handles calls to Advanced Local Procedure Call (ALPC).
Impact
An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user.
Mitigation
Apply August 2024 Windows security updates
Windows Mark of the Web Security Feature Bypass
A security feature bypass vulnerability exists in Windows when it improperly handles Mark of the Web (MOTW).
Impact
An attacker could bypass Windows Defender SmartScreen checks and execute malicious files.
Mitigation
Install September 2024 Windows security updates
Cisco IOS XE Web UI Privilege Escalation
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges.
Impact
An attacker could exploit this vulnerability to gain administrator-level privileges.
Mitigation
Apply Cisco security updates and disable web UI if not required
Microsoft Project Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Project when it fails to properly handle objects in memory.
Impact
An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Mitigation
Apply August 2024 Microsoft Project security updates
OpenSSH Remote Code Execution via Signal Handler
A race condition vulnerability in OpenSSH server signal handler could lead to remote code execution.
Impact
Remote unauthenticated attackers may be able to execute arbitrary code as root.
Mitigation
Update to OpenSSH 9.8p1 or later versions
Windows Installer Elevation of Privilege
An elevation of privilege vulnerability exists when Windows Installer improperly handles certain file operations.
Impact
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigation
Apply June 2024 Windows security updates
Apache HTTP Server SSRF Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server mod_rewrite module.
Impact
Attackers can make the server perform unintended requests to internal or external systems.
Mitigation
Update to Apache HTTP Server 2.4.60 or later
Windows Update Stack Elevation of Privilege
An elevation of privilege vulnerability exists in the Windows Update Stack when it improperly handles calls to Advanced Local Procedure Call (ALPC).
Impact
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigation
Install August 2024 Windows security updates
Fortinet FortiOS Out-of-bounds Write
An out-of-bounds write vulnerability in FortiOS SSL-VPN may allow a remote unauthenticated attacker to execute arbitrary code.
Impact
Remote code execution on FortiGate devices with SSL-VPN enabled.
Mitigation
Upgrade to FortiOS 7.4.3, 7.2.7, 7.0.14, or disable SSL-VPN if not required
Windows Kernel Elevation of Privilege
An elevation of privilege vulnerability exists in the Windows kernel when it fails to properly handle objects in memory.
Impact
An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Mitigation
Apply July 2024 Windows security updates
Rejetto HTTP File Server Remote Code Execution
A template injection vulnerability in Rejetto HTTP File Server (HFS) allows remote code execution.
Impact
Unauthenticated remote attackers can execute arbitrary commands on the server.
Mitigation
Update to HFS 2.4.0 RC7 or later, or discontinue use if not required
Windows Kernel Information Disclosure
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory.
Impact
An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.
Mitigation
Install July 2024 Windows security updates
Google Chrome Out-of-bounds Memory Access
An out-of-bounds memory access vulnerability in V8 JavaScript engine in Google Chrome.
Impact
Remote attackers could potentially exploit heap corruption via a crafted HTML page.
Mitigation
Update to Chrome version 120.0.6099.224 or later
VMware vCenter Server Privilege Escalation
A privilege escalation vulnerability in VMware vCenter Server due to improper permissions.
Impact
Authenticated users with non-administrative privileges may escalate to root.
Mitigation
Apply VMware security patches VMSA-2024-0006
Progress Kemp LoadMaster Command Injection
An unauthenticated command injection vulnerability in Progress Kemp LoadMaster.
Impact
Remote unauthenticated attackers can execute arbitrary system commands.
Mitigation
Upgrade to LoadMaster firmware 7.2.59.1 or later
Fortra GoAnywhere MFT Authentication Bypass
An authentication bypass vulnerability in Fortra GoAnywhere MFT allows unauthorized access.
Impact
Unauthenticated attackers can access the administrative interface and create admin users.
Mitigation
Apply security patch 7.4.1 or later, restrict admin interface access
CVE Resources and Tools
NIST National Vulnerability Database
Official US government repository of standards-based vulnerability management data
CVE Program
Community-driven effort to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
ACSC Security Advisories
Australian Cyber Security Centre advisories and vulnerability alerts
CVSS Calculator
Common Vulnerability Scoring System for assessing vulnerability severity