Jun 26, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows 10 1607: public exploit or PoC linked (privilege escalation)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2023-28293 Windows Kernel Elevation of Privilege Vulnerability

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Microsoft Windows 10 1607 privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2023-23408 Azure Apache Ambari Spoofing Vulnerability

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Critical exposure

CVE-2022-48332 Widevine Trusted Application Buffer Overflow

  • CVSS 9.8

New critical Widevine Trusted Application Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2023-30198 Exploit

Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.

CVE-2023-28288 Exploit

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-28293 Exploit

Windows Kernel Elevation of Privilege Vulnerability

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2021-31635 CVSS 9.8

Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the templat...

CVE-2022-48332 CVSS 9.8

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow.

CVE-2022-48333 CVSS 9.8

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant bu...

CVE-2022-48334 CVSS 9.8

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer...

CVE-2022-48335 CVSS 9.8

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow.

CVE-2022-48336 CVSS 9.8

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow.

CVE-2023-30945 CVSS 9.8

Multiple services such as VHS (Video History Server), VCD (Video Clip Distributor) and Clips2 were discovered to be vulnerable to an una...

CVE-2023-32521 CVSS 9.1

A path traversal exists in a specific service DLL of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticate...

CVE-2023-32557 CVSS 9.8

A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an...

CVE-2023-33404 CVSS 9.8

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and e...

cvelogic Threat Intelligence