Mar 30, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Fortra Cobalt Strike: 2 CVEs added to CISA KEV today.
  • Audiocodes Device Manager Express: public exploit or PoC linked (SQL Injection).
  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2013-3163 Microsoft Internet Explorer Memory Corruption

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Microsoft Internet Explorer DoS is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2022-24627 An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752.

  • Public exploit or PoC available
  • Exploit activity linked

Audiocodes Device Manager Express SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2023-1725 Infoline-tr Project Management System SSRF

  • CVSS 9.8

New critical Infoline-tr Project Management System SSRF (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Fortra Cobalt Strike User Interface Remote Code Execution

Google Chromium Network Service Use-After-Free

Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS)

Microsoft Internet Explorer Memory Corruption

Exploit & PoC activity

CVE-2022-24627 Exploit

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752.

CVE-2022-24629 Exploit

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752.

CVE-2022-24630 Exploit

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752.

CVE-2022-24632 Exploit

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752.

CVE-2023-25289 Exploit

Directory Traversal vulnerability in virtualreception Digital Receptie version win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 in embedded web...

CVE-2022-39195 Exploit

A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTM...

CVE-2022-40319 Exploit

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email ad...

CVE-2022-2841 Exploit

A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610/6.44.15806.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2023-1712 CVSS 9.8

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30.

CVE-2023-1725 CVSS 9.8

Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows Server Side Request Forgery.

CVE-2023-25076 CVSS 9.8

A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb...

Nextcloud server is an open source home cloud implementation.

CVE-2023-28462 CVSS 9.8

A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), and 5.2020.1...

CVE-2023-28731 CVSS 9.8

AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on...

cvelogic Threat Intelligence