Lab Tag: Vulnerabilities

Articles

Preventing exploitation of the Follina vulnerability in MSDT

The Follina Exploit A zero-click Remote Code Execution (RCE) vulnerability has started making the rounds which is leveraging functionality within applications such as Microsoft Word. This vulnerability exists when the...

New Exchange RCE vulnerability actively exploited

Exchange admins now have another exploit to deal with despite still reeling from a number of high profile attacks this year including ProxyLogon and ProxyShell. A new high severity Remote Code Execution (RCE) exploit for on-premise Exchange Servers has been…

VMware vCenter Critical RCE Vulnerability

Last week, VMware released a security advisory that contained information regarding several high severity vulnerabilities, which are present within all currently supported versions of the vCenter Server virtualisation management software. Security researchers George Noseevich and Sergey Gerasimov reported a critical…

Fortinet WAF allows remote code execution

A new exploit discovered in Fortinet’s Web application firewall (WAF) solution, FortiWeb, is currently vulnerable to command injection. The vulnerability, affecting versions 6.3.11 and prior, was discovered and reported by a Rapid7 researcher, William Wu. This type of attack has…

Microsoft Exchange Proxy Vulnerabilities

Earlier this month (August 2021), a security researcher named Orange Tsai discussed the details of a series of new Microsoft Exchange exploits at the annual BlackHat USA 2021 security conference. Tsai published a total of eight vulnerabilities, one of which…

PetitPotam: Windows AD CS NTLM Relay Attack

Last month (July 2021) a security researcher, Topotam, released a Proof of Concept (PoC) exploit that would achieve a full compromise of a Windows domain running Active Directory Certificate Service (AD CS). The Microsoft Advisory describes the security flaw as “a classic NTLM Relay…