Oct 24, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • GIGABYTE Multiple Products: 4 CVEs added to CISA KEV today.
  • 9 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2018-19321 GIGABYTE Multiple Products Privilege Escalation

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

GIGABYTE Multiple Products Privilege Escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2021-26727 Lannerinc Iac-ast2500a Firmware Buffer Overflow

  • CVSS 10

New critical Lannerinc Iac-ast2500a Firmware Buffer Overflow (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-26728 Lannerinc Iac-ast2500a Firmware Buffer Overflow

  • CVSS 10

New critical Lannerinc Iac-ast2500a Firmware Buffer Overflow (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking

Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path


Exploit & PoC activity

Nothing flagged in this category for this digest.


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2021-26727 CVSS 10

Multiple command injection and stack-based buffer overflow vulnerabilities in the SubNet_handler_func function of spx_restservice allow...

CVE-2021-26728 CVSS 10

Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to...

CVE-2021-26729 CVSS 10

Command injection and multiple stack-based buffer overflow vulnerabilities in the Login_handler_func function of spx_restservice allow a...

CVE-2021-26730 CVSS 10

A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to...

CVE-2021-26731 CVSS 9.1

Command injection and multiple stack-based buffer overflow vulnerabilities in the modifyUserb_func function of spx_restservice allow an...

CVE-2021-42010 CVSS 9.8

Heron versions <= 0.20.4-incubating allow CRLF log injection because of the lack of escaping in the log statements.

CVE-2021-46848 CVSS 9.1

GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.

CVE-2022-39305 CVSS 9.8

Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack.

CVE-2022-40984 CVSS 9.8

Stack-based buffer overflow in WTViewerE series WTViewerE 761941 from 1.31 to 1.61 and WTViewerEfree from 1.01 to 1.52 allows an attacker...


cvelogic Threat Intelligence