Aug 18, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Apple iOS and macOS: 2 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2017-15944 Palo Alto Networks PAN-OS Remote Code Execution

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Palo Alto Networks PAN-OS RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2022-25899 Intel Open Active Management Technology Cloud Toolkit Auth Bypass

  • CVSS 9.8
  • Authentication bypass — unauthenticated access risk

New critical Intel Open Active Management Technology Cloud Toolkit Auth Bypass (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-30601 Intel Active Management Technology Firmware Info Disclosure

  • CVSS 9.8

New critical Intel Active Management Technology Firmware Info Disclosure (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Google Chromium Intents Insufficient Input Validation

Microsoft Active Directory Domain Services Privilege Escalation

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2020-36599 CVSS 9.8

lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value.

CVE-2022-25899 CVSS 9.8

Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthe...

CVE-2022-30601 CVSS 9.8

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentiall...

CVE-2022-35540 CVSS 9.8

Hardcoded JWT Secret in AgileConfig <1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access.

CVE-2022-36722 CVSS 9.8

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the title parameter at /librarian/history.php.

CVE-2022-36725 CVSS 9.8

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /student/dele.php.

CVE-2022-36727 CVSS 9.8

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /staff/delete.php.

CVE-2022-36728 CVSS 9.8

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /staff/delstu.php.

CVE-2022-36729 CVSS 9.8

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /librarian/del.php.

CVE-2022-36947 CVSS 9.8

Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow.

cvelogic Threat Intelligence