DESCRIPTION:A vulnerability has been discovered in SolarWinds Serv-U, which couldresult in remote code execution. SolarWinds Serv-U is an FTP serversoftware for secure file transfer. Successful exploitation of thisvulnerability could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis application, an attacker could then install programs; view, change,or delete data; or create new accounts with full user rights....
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Kaseya VSA that couldallow for arbitrary code execution. Kaseya VSA is a software used byMSPs to remotely manage networks and endpoints. Successful exploitationof these vulnerabilities could result in arbitrary code execution withinthe context of the application, an attacker gaining the same privilegesas the logged-on user, or the bypassing of security restrictions.Depending on the permission associated with the application running...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow forarbitrary code execution. Android is an operating system developed byGoogle for mobile devices, including, but not limited to, smartphones,tablets, and watches. Successful exploitation of the most severe ofthese vulnerabilities could allow for arbitrary code execution withinthe context of a privileged process. Depending on the privilegesassociated with this...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged-on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted than...
Read More
Description:Eclypsium researchers have identified multiple vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS.This chain of vulnerabilities has a cumulative CVSS score of 8.3 (High) because it allows a privileged network adversary to impersonate Dell.com andgain arbitrary code execution at the BIOS/UEFI level of the affected device. Such an attack would enable adversaries to control the device’s boot process andsubvert the operating system and higher-layer...
Read More
