Jun 13, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Fortinet FortiOS and FortiProxy SSL-VPN added to CISA KEV: confirmed in-the-wild exploitation.
  • SourceCodester Sales Tracker Management System: public exploit or PoC linked (cross-site scripting).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2023-27997 Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

The Fortinet FortiOS and FortiProxy SSL-VPN heap-based buffer overflow is on CISA KEV, with confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2023-3184 A vulnerability was found in SourceCodester Sales Tracker Management System 1.0.

  • Public exploit or PoC available
  • Exploit activity linked

The SourceCodester Sales Tracker Management System cross-site scripting issue now has a public exploit or PoC linked. Assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2022-43684 ServiceNow

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow

Exploit & PoC activity

CVE-2023-3184 Exploit

A vulnerability was found in SourceCodester Sales Tracker Management System 1.0.

CVE-2023-3187 Exploit

A vulnerability, which was classified as critical, has been found in PHPGurukul Teachers Record Management System 1.0.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2022-28550 CVSS 9.8

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead.

CVE-2022-43684 CVSS 9.9

ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.

CVE-2023-24470 CVSS 9.1

Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.

CVE-2023-27836 CVSS 9.8

TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in t...

CVE-2023-29357 CVSS 9.8

Microsoft SharePoint Server Privilege Escalation

CVE-2023-29363 CVSS 9.8

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

CVE-2023-29562 CVSS 9.8

TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale.

CVE-2023-32014 CVSS 9.8

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

CVE-2023-32015 CVSS 9.8

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

CVE-2023-34944 CVSS 9.8

An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to execute...

cvelogic Threat Intelligence