Set as Homepage - Add to Favorites

【Ask Me What You Want (2024)】

Source:Openness Information Network Editor:Entertainment Time:2025-06-26 23:21:54

The Ask Me What You Want (2024)U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added new exploits to its actively exploited list, as first noticed by BleepingComputer.

CISA's actions basically serve as a warning to U.S. federal agencies about vulnerabilities currently being exploited in the wild. 

One exploit being tracked, CVE-2023-20118, allows hackers to remotely "execute arbitrary commands" on certain VPN routers. These routers include Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325.

You May Also Like

"An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface," CISA wrote. "A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data."

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

In order to take advantage of this exploit, an attacker would need admin credentials. However, as BleepingComputer points out, hackers could take advantage of another vulnerability, CVE-2023-20025, in order to bypass authentication. 

Another vulnerability added by CISA is CVE-2018-8639. This bug affects a broad swath of Windows operating systems including Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, and Windows 10 Servers.

Related Stories
  • Hackers are targeting your password manager app
  • New 'browser syncjacking' cyberattack lets hackers take over your computer via Chrome
  • U.S. Treasury confirms it was breached by China-backed hackers
  • Hackers take over Google Chrome extensions in cyberattack
  • These Apple bugs were used by hackers in the wild. Now there's a fix.

According to CISA, this vulnerability "exists in Windows when the Win32k component fails to properly handle objects in memory." A bad actor with local access to the vulnerable system can utilize the exploit to run arbitrary code in kernel mode. BleepingComputer reports that a bad actor could use this vulnerability to "alter data or create rogue accounts with full user rights to take over vulnerable Windows devices."

Microsoft and Cisco have not yet released their own security warning regarding these two exploits.

Topics Cybersecurity

Previous:Best soundbar deal: Save $300 on the Sonos Arc

Next:Shop Owala's Memorial Day Sale for 30% off tumblers

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Diabetes patients' DIY solutions are still the standard of careThe Ballad of Ferguson, MissouriA Brief History of Insect Control'Quordle' today: See each 'Quordle' answer and hints for September 6, 2023On Unpleasantness and EmojiAI anxiety and employee monitoring: Workplace stress mountsTikTok's favorite water bottle makes hydration fun with customizable flavor filtersShiba Inu meme cryptocurrency poised to eat Dogecoin's lunch'Top Boy' Season 5 review: The powerful end this masterpiece of a series deservesBest ‘Starfield’ traits and backgrounds to pickAn Interview with Michael HofmannA Microinterview with Nell ZinkNotes on Oxford Dictionaries’ Word of the YearWhat teachers and parents wish they could tell kids about pornApple's Vision Pro will have iPad and iPhone apps from the startThe Ballad of Ferguson, MissouriPinterest unveils AI body type tech to increase representationRené Magritte Was Born on This Day in 1898All the President’s Turkeys by Dan PiepenbringHow William Eggleston Would Photograph a Baseball Game by Adam Sobsey Trump had a meeting about video game violence and showed a montage video 6 things you can do on International Women's Day to fight for gender equality in 2018 MoviePass collects alarming amount of data about you: Company responds 'Call Me By Your Name' is a book worth reading—even if you've already seen the film BlackBerry sues Facebook, Instagram, WhatsApp for patent infringement First look at Android P: Google goes all iPhone X's notch probably won't get smaller or disappear anytime soon Jessica Chastain handled an Instagram troll perfectly Even tires are smart now — and cars can fly 'Infinity War' teams says some Avengers are going to die A teenager was so thirsty for shirtless Michael B. Jordan, she broke her retainer SEC warning and hack rumors precede Bitcoin drop Samsung Galaxy Note 9 won't have an under China's Tiangong 'La La Land' and 'Greatest Showman' songwriters will tackle 'Aladdin' Trump's meeting about violence and video games is off to a bad start Patty Jenkins casts Kristen Wiig in 'Wonder Woman' sequel Jimmy Kimmel shoves Trump's trash talkin' tweet back in his face Marvel is going to make a sequel to 'Black Panther.' Obviously. The Clippers celebrate International Women's Day with...Ayn Rand?

2.5526s , 10112.3671875 kb

Copyright © 2025 Powered by 【Ask Me What You Want (2024)】,Openness Information Network  

Sitemap

Top

Quick Links