Vulnerability Recap 4/15/24: Palo Alto, Microsoft, Ivanti Exploits

Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users' data security.
Multiple Vulnerabilities Discovered in LG WebOS Smart TVs. Type of vulnerability: Authorization bypass, privilege escalation, command injection.
The problem: Bitdefender researchers discovered four vulnerabilities in LG WebOS smart TVs that allowed unauthorized access and control.
The problem: The Shadowserver Foundation found approximately 16,000 internet-exposed Ivanti VPN appliances that could be affected by CVE-2024-21894, a high-severity heap overflow vulnerability that allows remote code execution.
This vulnerability exists in all supported versions of Ivanti Connect Secure and Policy Secure.
The fix: On April 2, Ivanti provided fixes to address this problem and three other vulnerabilities.
Ivanti encourages all users to update their instances with the most recent software fixes to reduce the risks associated with CVE-2024-21894 and other vulnerabilities.
The problem: Microsoft performed a significant patch that addresses at least 150 vulnerabilities, with a focus on CVE-2024-29990, which affects Azure Kubernetes Service confidential containers.
The exploit has a CVSS severity of 9/10. This significant vulnerability allows unauthenticated attackers to take complete control of Azure Kubernetes clusters, allowing them to steal credentials and compromise sensitive containers.
The problem: Fortinet has released updates for several vulnerabilities, including a major remote code execution problem in FortiClientLinux.
This vulnerability enables unauthenticated remote attackers to execute arbitrary code via a code injection flaw.
Type of vulnerability: Denial-of-service, firewall disruption, data processing vulnerability.
The problem: Palo Alto Networks announced PAN-OS patches that addressed many critical vulnerabilities that might interrupt firewalls.
CVE-2024-3383 is another severe vulnerability that affects user access control via Cloud Identity Engine data processing.
The fix: Palo Alto Networks' update resolved these vulnerabilities involving decryption, user impersonation, and third-party components.
Type of vulnerability: Command injection, remote code execution.
The problem: Another Palo Alto Networks' incident last week disclosed a significant zero-day vulnerability, CVE-2024-3400, in PAN-OS software's GlobalProtect gateway.
This vulnerability allows unauthenticated attackers to run arbitrary code with root access.
While both cases involve vulnerabilities in Palo Alto Networks' PAN-OS software, the first incident focuses on high-severity vulnerabilities, such as denial-of-service problems, whilst the second incident exposes a severe zero-day vulnerability that allows remote code execution.
The problem: On April 9, rumors circulated about a zero-day vulnerability in Telegram's Windows app that enabled the automated running of Python programs.


This Cyber News was published on www.esecurityplanet.com. Publication date: Mon, 15 Apr 2024 22:13:04 +0000


Cyber News related to Vulnerability Recap 4/15/24: Palo Alto, Microsoft, Ivanti Exploits

Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
5 months ago Darkreading.com
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
1 month ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
1 month ago Paloaltonetworks.com
CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit - IBM's surprise departure from cybersecurity software this week didn't just rearrange the competitive landscape - it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar ...
5 months ago Darkreading.com
Research Shows 163% ROI with Palo Alto Networks Software Firewalls - Good news is here for cloud and network security professionals who need proven, cost-effective solutions that substantially reduce downtime and breaches across a range of cloud and virtualized environments. Palo Alto Networks software firewalls not ...
10 months ago Paloaltonetworks.com
Threat Brief: Ivanti Vulnerabilities CVE-2023-46805 and CVE-2024-21887 - On Jan. 10, 2024, Ivanti disclosed two new vulnerabilities in their Ivanti Connect Secure and Ivanti Policy Secure gateways: CVE-2023-46805 and CVE-2024-21887. The first CVE is a High severity authentication bypass vulnerability, and the second CVE ...
9 months ago Unit42.paloaltonetworks.com
Vulnerability Recap 4/15/24: Palo Alto, Microsoft, Ivanti Exploits - Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users' data security. Multiple Vulnerabilities Discovered in LG WebOS Smart TVs. Type of vulnerability: Authorization bypass, ...
6 months ago Esecurityplanet.com
Ivanti discloses new zero-day flaw, releases delayed patches - Ivanti Wednesday released patches for two critical zero-day vulnerabilities that were disclosed earlier this month, but also warned customers of two new flaws, including a new zero-day that's under exploitation in the wild. In a security advisory on ...
9 months ago Techtarget.com
Palo Alto Networks Completes Acquisition of Talon - Palo Alto Networks announced today that it has completed the acquisition of Talon Cyber Security, an Israeli startup selling a secure browser technology to enterprise customers. Palo Alto first announced plans to buy Talon in November 2023 in a deal ...
10 months ago Securityweek.com
More mass exploits hit the same buggy Ivanti devices The Register - All manner of miscreants are piling onto the latest Ivanti flaw, a server-side request forgery vulnerability tracked as CVE-2024-21893, according to threat hunters tracking the string of CVEs that have been plaguing the software shop's gateways over ...
9 months ago Go.theregister.com
China-backed attackers blamed for Ivanti zero-day exploits The Register - Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti. If you're an admin or a user of the two products affected, VPN service Ivanti Connect Secure and network ...
9 months ago Go.theregister.com
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now - Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as ...
6 months ago Bleepingcomputer.com
Palo Alto Networks Recognized as a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms - Today, we are pleased to announce that Palo Alto Networks has been named a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms. Before we dive into the significance of this year's Magic Quadrant for EPP, I want to take a ...
9 months ago Paloaltonetworks.com
Palo Alto Networks Prevents Data Loss at Enterprise Scale with NVIDIA - With NVIDIA accelerated computing and AI software, cybersecurity leaders like Palo Alto Networks can safeguard vast amounts of sensitive information with unprecedented speed and accuracy, ushering in a new era of AI-driven data protection. The ...
1 month ago Paloaltonetworks.com
Unlocking the Economic Benefit of NGFWs - Cyberthreats are increasing in volume and complexity, making it difficult for network defenders to protect their organizations. Threat actors are evolving their tools and techniques, finding new ways to employ artificial intelligence to avoid ...
7 months ago Paloaltonetworks.com
SentinelOne vs Palo Alto Cortex XDR: Which Tool is Best? - SentinelOne and Palo Alto are two of the top brands in this space, and this comparison will help you decide if either one of the company's tools is right for you. SentinelOne's Singularity platform offers four subscription tiers that include their ...
5 months ago Techrepublic.com
CISA confirms compromise of its Ivanti systems - CISA confirmed two of its internal systems were breached by a threat actor that exploited flaws in Ivanti products used by the U.S. cybersecurity agency. Ivanti on Jan. 10 disclosed two zero-day vulnerabilities that were under exploitation by a ...
7 months ago Techtarget.com
RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign - Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Network's PAN-OS software to run a sophisticated cryptomining operation that likely has nation-state backing. In ...
5 months ago Securityboulevard.com
Ivanti urges customers to patch yet another critical vulnerability - This vulnerability only affects a limited number of supported versions-Ivanti Connect Secure, Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3. Please read between the lines that there could be unsupported versions which will never see ...
8 months ago Malwarebytes.com
How to track and stop CVE-2024-3400: Palo Alto Devices API Exploit Causing Critical Infrastructure and Enterprise Epidemics - On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. Palo Alto has marked this ...
6 months ago Securityboulevard.com
CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products - In an unprecedented move, the US government's cybersecurity agency CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. Within 48 hours, the agency said federal ...
9 months ago Securityweek.com
Ivanti discloses fifth vulnerability The Register - In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it. Researchers at watchTowr blogged today about not being credited with the discovery of ...
8 months ago Go.theregister.com
Ivanti confirms 2 zero-day vulnerabilities are under attack - CISA urged enterprises to address two Ivanti zero-day vulnerabilities that remain unpatched amid reports of active exploitation by a Chinese nation-state threat actor. Ivanti published a security advisory Wednesday for an authentication bypass ...
9 months ago Techtarget.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
11 months ago Microsoft.com
Investing in Cloud Infrastructure in the Kingdom of Saudi Arabia - Digital transformation is at the heart of the Kingdom of Saudi Arabia's ambitious Vision 2030 program as the nation looks to future-proof its economy and enhance people's lives. The Kingdom is looking to diversify its economy and develop public ...
5 months ago Paloaltonetworks.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)