Sep 20, 2022 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Airspan Airspot 5410 Firmware: public exploit or PoC linked (RCE)
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2022-2651
Joinbookwyrm Bookwyrm Auth Bypass
- Public exploit or PoC available
- Exploit activity linked
- Authentication bypass — unauthenticated access risk
Joinbookwyrm Bookwyrm Auth Bypass now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2022-36267
Airspan Airspot 5410 Firmware RCE
- Public exploit or PoC available
- Exploit activity linked
- Remote code execution exposure
Airspan Airspot 5410 Firmware RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2022-32788
A buffer overflow was addressed with improved bounds checking.
- CVSS 9.8
- Remote code execution exposure
New critical Apple Ipados Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability.
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
A buffer overflow was addressed with improved bounds checking.
A memory corruption issue was addressed with improved state management.
This issue was addressed with improved checks.
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js.
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the component fmed...
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegro...
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.
A security issue was discovered in Z-BlogPHP <= 1.7.2.
In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution.
View critical disclosures
cvelogic
Threat Intelligence