Sep 20, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Airspan Airspot 5410 Firmware: public exploit or PoC linked (RCE)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2022-2651 Joinbookwyrm Bookwyrm Auth Bypass

  • Public exploit or PoC available
  • Exploit activity linked
  • Authentication bypass — unauthenticated access risk

Joinbookwyrm Bookwyrm Auth Bypass now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2022-36267 Airspan Airspot 5410 Firmware RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Airspan Airspot 5410 Firmware RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2022-32788 A buffer overflow was addressed with improved bounds checking.

  • CVSS 9.8
  • Remote code execution exposure

New critical Apple Ipados Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2022-35513 Exploit

The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.

CVE-2022-36267 Exploit

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability.

CVE-2022-2651 Exploit

Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-32788 CVSS 9.8

A buffer overflow was addressed with improved bounds checking.

CVE-2022-32863 CVSS 9.8

A memory corruption issue was addressed with improved state management.

CVE-2022-32882 CVSS 9.8

This issue was addressed with improved checks.

CVE-2022-37265 CVSS 9.8

Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js.

CVE-2022-38340 CVSS 9.1

Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the component fmed...

CVE-2022-38619 CVSS 9.8

SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegro...

CVE-2022-40008 CVSS 9.8

SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.

CVE-2022-40009 CVSS 9.8

SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.

CVE-2022-40357 CVSS 9.8

A security issue was discovered in Z-BlogPHP <= 1.7.2.

CVE-2022-41138 CVSS 9.8

In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution.

View critical disclosures

cvelogic Threat Intelligence