Feb 10, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 8 CVEs added to CISA KEV today.
  • Hms Project Hms: public exploit or PoC linked (SQL Injection)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2014-4404 Apple OS X Heap-Based Buffer Overflow

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Apple OS X Buffer Overflow is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2021-24931 Ays-pro Secure Copy Content Protection And Content Locking SQL Injection

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.

Critical exposure

CVE-2022-20709 Cisco Rv340 Firmware DoS

  • CVSS 10
  • Network edge / SD-WAN deployments affected

New critical Cisco Rv340 Firmware DoS (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Jenkins Stapler Web Framework Deserialization of Untrusted Data

Oracle Corporation WebLogic Server Remote Code Execution

Microsoft Windows Shell (.lnk) Remote Code Execution

View KEV additions

Exploit & PoC activity

CVE-2022-23366 Exploit

HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php.

CVE-2021-24931 Exploit

The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_scc...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-45364 CVSS 9.8

A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php.

CVE-2022-20709 CVSS 10

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the f...

CVE-2022-20710 CVSS 10

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the f...

CVE-2022-20711 CVSS 10

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the f...

CVE-2022-20712 CVSS 10

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the f...

CVE-2022-20749 CVSS 10

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the f...

CVE-2022-23806 CVSS 9.1

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int...

CVE-2022-24568 CVSS 9.8

Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input.

CVE-2022-24954 CVSS 9.8

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform col...

CVE-2022-24955 CVSS 9.8

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.

View critical disclosures

cvelogic Threat Intelligence