Aug 18, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Crossfire: public exploit or PoC linked (Buffer Overflow)
  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2006-1236 Crossfire Buffer Overflow

  • Public exploit or PoC available
  • Exploit activity linked

Crossfire Buffer Overflow now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2020-25928 The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow.

  • CVSS 9.8

New critical HCC Embedded NicheStack TCP/IP Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-21825 AT&T Xmill RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical AT&T Xmill RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2006-1236 Exploit

Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long...

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2020-25928 CVSS 9.8

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow.

CVE-2021-21825 CVSS 9.8

A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T La...

CVE-2021-32588 CVSS 9.8

A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versio...

CVE-2021-34730 CVSS 9.8

New critical Cisco Application Extension Platform DoS disclosed.

CVE-2021-37358 CVSS 9.8

SQL Injection in SEACMS v210530 (2021-05-30) allows remote attackers to execute arbitrary code via the component "admin_ajax.php?action=c...

CVE-2021-37608 CVSS 9.8

Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands.

cvelogic Threat Intelligence