[LINK] Known Exploited Vulnerabilities Catalog

[Stephen Loosley]

The U.S. government's  Cybersecurity and Infrastructure Security Agency (CISA)  keeps a running tally of all vulnerable-code found to be weaponized

Four of the latest ten this week are from Microsoft .. https://www.cisa.gov/known-exploited-vulnerabilities-catalog


VE-2023-32046<https://nvd.nist.gov/vuln/detail/CVE-2023-32046>MicrosoftWindows MSHTML PlatformMicrosoft Windows MSHTML Platform Privilege Escalation Vulnerability2023-07-11Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-08-01

  *   Notes https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32046

CVE-2023-32049<https://nvd.nist.gov/vuln/detail/CVE-2023-32049>MicrosoftWindows Defender SmartScreenMicrosoft Windows Defender SmartScreen Security Feature Bypass Vulnerability2023-07-11Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-08-01

  *   Notes https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32049

CVE-2023-35311<https://nvd.nist.gov/vuln/detail/CVE-2023-35311>MicrosoftOutlookMicrosoft Outlook Security Feature Bypass Vulnerability2023-07-11Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-08-01

  *   Notes https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-35311

CVE-2023-36874<https://nvd.nist.gov/vuln/detail/CVE-2023-36874>MicrosoftWindows Error Reporting ServiceMicrosoft Windows Error Reporting Service Privilege Escalation Vulnerability2023-07-11Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-08-01

  *   Notes https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36874

CVE-2022-31199<https://nvd.nist.gov/vuln/detail/CVE-2022-31199>NetwrixAuditorNetwrix Auditor Insecure Object Deserialization Vulnerability2023-07-11Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker to be able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-08-01

  *   Notes Patch application requires login to customer portal: https://security.netwrix.com/Account/SignIn?ReturnUrl=%2FAdvisories%2FADV-2022-003

CVE-2021-29256<https://nvd.nist.gov/vuln/detail/CVE-2021-29256>ArmMali Graphics Processing Unit (GPU)Arm Mali GPU Kernel Driver Use-After-Free Vulnerability2023-07-07Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-07-28

  *   Notes https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

CVE-2019-17621<https://nvd.nist.gov/vuln/detail/CVE-2019-17621>D-LinkDIR-859 RouterD-Link DIR-859 Router Command Execution Vulnerability2023-06-29D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-07-20

  *   Notes https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147

CVE-2019-20500<https://nvd.nist.gov/vuln/detail/CVE-2019-20500>D-LinkDWL-2600AP Access PointD-Link DWL-2600AP Access Point Command Injection Vulnerability2023-06-29D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.2023-07-20

  *   Notes https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10113

CVE-2021-25487<https://nvd.nist.gov/vuln/detail/CVE-2021-25487>SamsungMobile DevicesSamsung Mobile Devices Out-of-Bounds Read Vulnerability2023-06-29Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable2023-07-20

  *   Notes https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10

CVE-2021-25489<https://nvd.nist.gov/vuln/detail/CVE-2021-25489>SamsungMobile DevicesSamsung Mobile Devices Improper Input Validation Vulnerability2023-06-29Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.Apply updates per vendor instructions or discontinue use of the product if updates are unavailable2023-07-20

  *   Notes https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10