Weekly Digest Week 39 – 2024
Featured Story HPE Aruba Networking fixes critical flaws impacting Access Points HPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points, which could let unauthenticated attackers gain remote code execution on vulnerable devices. The vulnerabilities (CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507) can be exploited by sending specially […]
Weekly Digest Week 37 – 2024
Featured Story Microsoft Fixes Four Actively Exploited Zero-Days Microsoft’s latest Patch Tuesday update addressed four critical zero-day vulnerabilities that were actively exploited: CVE-2024-43491: RCE in Windows Update (CVSS 9.8), allowing unauthenticated code execution. CVE-2024-38014: Elevation of Privilege in Windows Installer with potential for full system control. CVE-2024-38217: MoTW bypass, likely exploited since 2018 and used […]
